update cookie options in put and update logic for mustUseStorageAccess (

#286) * update cookie options in put and update logic for mustUseStorageAccess * format * fix sameSite none * run format * add testnet verify-captcha to caddyfile * fix affiliateAddress for heroswap iframe in identity (#287) Co-authored-by: Lazy Nina <> --------- Co-authored-by: Lazy Nina <>
deso-protocol · Oct 17, 2023 · 22e65fe · 22e65fe
1 parent 00763db
commit 22e65fe
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 12 deletions.
diff --git a/Caddyfile b/Caddyfile
@@ -69,6 +69,7 @@ header @html Content-Security-Policy "
     https://test.deso.org/api/v0/send-starter-deso-for-metamask-account
     https://test.deso.org/api/v0/authorize-derived-key
     https://test.deso.org/api/v0/get-txn
+    https://test.deso.org/api/v0/verify-captcha
     https://test.deso.org/api/v0/get-bulk-messaging-public-keys
     https://test.deso.org/api/v0/submit-transaction
     https://www.googleapis.com/drive/v3/files

diff --git a/src/app/crypto.service.ts b/src/app/crypto.service.ts
@@ -43,16 +43,7 @@ export class CryptoService {
       return false;
     }
 
-    const supportsStorageAccess =
-      typeof document.hasStorageAccess === 'function';
-    const isChrome = navigator.userAgent.indexOf('Chrome') > -1;
-    const isSafari = !isChrome && navigator.userAgent.indexOf('Safari') > -1;
-
-    // Firefox and Edge support the storage access API but do not enforce it.
-    // For now, only use cookies if we support storage access and use Safari.
-    const mustUseStorageAccess = supportsStorageAccess && isSafari;
-
-    return mustUseStorageAccess;
+    return typeof document.hasStorageAccess === 'function';
   }
 
   // 32 bytes = 256 bits is plenty of entropy for encryption
@@ -86,6 +77,9 @@ export class CryptoService {
         encryptionKey = this.newEncryptionKey();
         this.cookieService.put(storageKey, encryptionKey, {
           expires: new Date('2100/01/01 00:00:00'),
+          path: '/',
+          secure: true,
+          sameSite: 'none',
         });
       }
     } else {

diff --git a/src/app/get-deso/get-deso.component.ts b/src/app/get-deso/get-deso.component.ts
@@ -94,7 +94,11 @@ export class GetDesoComponent implements OnInit {
         '&destinationTickers=DESO',
         '&destinationTicker=DESO',
         `&destinationAddress=${this.publicKeyAdded || ''}`, // TODO: confirm publicKeyAdded is correct.
-        `&affiliateAddress=BC1YLgHhMFnUrzQRpZCpK7TDxVGoGnAk539JqpYWgJ8uW9R7zCCdGHK`,
+        `&affiliateAddress=${
+          this.globalVars.network === Network.mainnet
+            ? 'BC1YLgHhMFnUrzQRpZCpK7TDxVGoGnAk539JqpYWgJ8uW9R7zCCdGHK'
+            : 'tBCKX1RURo8HRUcYVNrpYj1JZcY1yvWuhSi6NDfKXRudwQpDkAd8YC'
+        }`,
         `&now=${Date.now()}`,
       ].join('')
     );

diff --git a/src/app/identity.service.ts b/src/app/identity.service.ts
@@ -306,6 +306,7 @@ export class IdentityService {
       signedTransactionHex,
     });
   }
+
   // Encrypt with shared secret
   private handleEncrypt(data: any): void {
     if (!this.approve(data, AccessLevel.ApproveAll)) {
@@ -473,7 +474,11 @@ export class IdentityService {
     }
 
     // check for cookie access
-    this.cookieService.put('deso-test-access', 'true');
+    this.cookieService.put('deso-test-access', 'true', {
+      path: '/',
+      secure: true,
+      sameSite: 'none',
+    });
     const hasCookieAccess = !!this.cookieService.get('deso-test-access');
 
     // store if browser is supported or not