Remove SameSite=None restrictions for Rack 2.1.0

kaspth · kaspth · commit 28f81c05589e · 2020-02-09T22:41:09.000+01:00
Also bump Rails' now required Rack 2.1.0 version.
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -440,7 +440,6 @@ def handle_options(options)
 
           options[:path]      ||= "/"
           options[:same_site] ||= request.cookies_same_site_protection
-          options[:same_site] = false if options[:same_site] == :none # TODO: Remove when rack 2.1.0 is out.
 
           if options[:domain] == :all || options[:domain] == "all"
             # If there is a provided tld length then we use it otherwise default domain regexp.
diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb
@@ -366,7 +366,7 @@ def test_setting_cookie_with_no_protection
     @request.env["action_dispatch.cookies_same_site_protection"] = :none
 
     get :authenticate
-    assert_cookie_header "user_name=david; path=/" # TODO: append "; SameSite=None" when rack 2.1.0 is out and bump rack dependency version.
+    assert_cookie_header "user_name=david; path=/; SameSite=None"
     assert_equal({ "user_name" => "david" }, @response.cookies)
   end
 
