ScottHamper · mum-never-proud · Mar 21, 2020 · Mar 21, 2020 · Mar 21, 2020 · Mar 21, 2020
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,3 @@
 /dist
+.DS_Store
 bower.json
diff --git a/README.md b/README.md
@@ -84,12 +84,13 @@ and [System.Uri.UnescapeDataString](http://msdn.microsoft.com/en-us/library/syst
 
 Sets a cookie in the document. If the cookie does not already exist, it will be created. Returns the `Cookies` object.
 
-| Option    | Description                                                                                      | Default     |
-| --------: | ------------------------------------------------------------------------------------------------ | ----------- |
-|    *path* | A string value of the path of the cookie                                                         | `"/"`       |
-|  *domain* | A string value of the domain of the cookie                                                       | `undefined` |
-| *expires* | A number (of seconds), a date parsable string, or a `Date` object of when the cookie will expire | `undefined` |
-|  *secure* | A boolean value of whether or not the cookie should only be available over SSL                   | `false`     |
+| Option     | Description                                                                                                        | Default     |
+| ---------: | -------------------------------------------------------------------------------------------------------------------| ----------- |
+|    *path*  | A string value of the path of the cookie                                                                           | `"/"`       |
+|  *domain*  | A string value of the domain of the cookie                                                                         | `undefined` |
+| *expires*  | A number (of seconds), a date parsable string, or a `Date` object of when the cookie will expire                   | `undefined` |
+|  *secure*  | A boolean value of whether or not the cookie should only be available over SSL                                     | `false`     |
+| *SameSite* | A string value that allows you to declare if the cookies should be restrcited to first party or same site context  | `null`      |
 
 A default value for any option may be set in the `Cookies.defaults` object.
 
@@ -171,12 +172,13 @@ if (Cookies.enabled) {
 #### Cookies.defaults
 An object representing default options to be used when setting and expiring cookie values.
 
-| Option    | Description                                                                                      | Default     |
-| --------: | ------------------------------------------------------------------------------------------------ | ----------- |
-|    *path* | A string value of the path of the cookie                                                         | `"/"`       |
-|  *domain* | A string value of the domain of the cookie                                                       | `undefined` |
-| *expires* | A number (of seconds), a date parsable string, or a `Date` object of when the cookie will expire | `undefined` |
-|  *secure* | A boolean value of whether or not the cookie should only be available over SSL                   | `false`     |
+| Option     | Description                                                                                                       | Default     |
+| ---------: | ------------------------------------------------------------------------------------------------------------------| ----------- |
+|    *path*  | A string value of the path of the cookie                                                                          | `"/"`       |
+|  *domain*  | A string value of the domain of the cookie                                                                        | `undefined` |
+| *expires*  | A number (of seconds), a date parsable string, or a `Date` object of when the cookie will expire                  | `undefined` |
+|  *secure*  | A boolean value of whether or not the cookie should only be available over SSL                                    | `false`     |
+| *SameSite* | A string value that allows you to declare if the cookies should be restrcited to first party or same site context | `null`      |
 
 **Example Usage**
 ```javascript

diff --git a/src/cookies.js b/src/cookies.js
@@ -28,7 +28,8 @@
 
         Cookies.defaults = {
             path: '/',
-            secure: false
+            secure: false,
+            sameSite: null
         };
 
         Cookies.get = function (key) {
@@ -59,7 +60,8 @@
                 path: options && options.path || Cookies.defaults.path,
                 domain: options && options.domain || Cookies.defaults.domain,
                 expires: options && options.expires || Cookies.defaults.expires,
-                secure: options && options.secure !== undefined ?  options.secure : Cookies.defaults.secure
+                secure: options && options.secure !== undefined ?  options.secure : Cookies.defaults.secure,
+                sameSite: options && options.sameSite || Cookies.defaults.sameSite
             };
         };
 
@@ -95,6 +97,7 @@
             cookieString += options.domain ? ';domain=' + options.domain : '';
             cookieString += options.expires ? ';expires=' + options.expires.toUTCString() : '';
             cookieString += options.secure ? ';secure' : '';
+            cookieString += options.sameSite ? ';SameSite=' + options.sameSite : '';
 
             return cookieString;
         };

diff --git a/tests/spec/cookies-spec.js b/tests/spec/cookies-spec.js
@@ -58,6 +58,10 @@ describe('UNIT TESTS', function () {
         it('has a defined `secure` value of `false`', function () {
             expect(Cookies.defaults.secure).toBe(false);
         });
+
+        it('has a defined `sameSite` value of `null`', function () {
+          expect(Cookies.defaults.sameSite).toBe(null);
+        });
     });
 
     describe('Cookies.get(key)', function () {
@@ -139,7 +143,8 @@ describe('UNIT TESTS', function () {
                 path: '/cookies',
                 domain: 'www.scotthamper.com',
                 expires: '01/01/2013 GMT',
-                secure: false
+                secure: false,
+                sameSite: null
             };
         });
 
@@ -186,7 +191,8 @@ describe('UNIT TESTS', function () {
                 path: Cookies.defaults.path,
                 domain: Cookies.defaults.domain,
                 expires: new Date(Cookies.defaults.expires),
-                secure: Cookies.defaults.secure
+                secure: Cookies.defaults.secure,
+                sameSite: Cookies.defaults.sameSite
             };
 
             spyOn(Cookies, '_generateCookieString').andCallThrough();
@@ -230,7 +236,8 @@ describe('UNIT TESTS', function () {
                     path: '/cookies',
                     domain: 'www.scotthamper.com',
                     expires: '01/01/2013',
-                    secure: false
+                    secure: false,
+                    sameSite: null
                 };
             });
 
@@ -247,7 +254,8 @@ describe('UNIT TESTS', function () {
                     path: '/nom',
                     domain: 'www.github.com',
                     expires: '02/02/2013',
-                    secure: true
+                    secure: true,
+                    sameSite: 'None'
                 };
 
                 expect(Cookies._getExtendedOptions(options)).toEqual(options);
@@ -260,7 +268,8 @@ describe('UNIT TESTS', function () {
                     path: options.path,
                     domain: Cookies.defaults.domain,
                     expires: Cookies.defaults.expires,
-                    secure: Cookies.defaults.secure
+                    secure: Cookies.defaults.secure,
+                    sameSite: Cookies.defaults.sameSite
                 });
             });
 
@@ -271,7 +280,8 @@ describe('UNIT TESTS', function () {
                     path: Cookies.defaults.path,
                     domain: options.domain,
                     expires: Cookies.defaults.expires,
-                    secure: Cookies.defaults.secure
+                    secure: Cookies.defaults.secure,
+                    sameSite: Cookies.defaults.sameSite
                 });
             });
 
@@ -282,7 +292,8 @@ describe('UNIT TESTS', function () {
                     path: Cookies.defaults.path,
                     domain: Cookies.defaults.domain,
                     expires: options.expires,
-                    secure: Cookies.defaults.secure
+                    secure: Cookies.defaults.secure,
+                    sameSite: Cookies.defaults.sameSite
                 });
             });
 
@@ -293,7 +304,8 @@ describe('UNIT TESTS', function () {
                     path: Cookies.defaults.path,
                     domain: Cookies.defaults.domain,
                     expires: Cookies.defaults.expires,
-                    secure: options.secure
+                    secure: options.secure,
+                    sameSite: Cookies.defaults.sameSite
                 });
             });
 
@@ -311,6 +323,7 @@ describe('UNIT TESTS', function () {
                 expect(options.domain).toBeUndefined();
                 expect(options.expires).toBeUndefined();
                 expect(options.secure).toBeUndefined();
+                expect(options.sameSite).toBeUndefined();
             });
         });
 
@@ -434,6 +447,13 @@ describe('UNIT TESTS', function () {
                 var options = { secure: true };
                 expect(Cookies._generateCookieString(key, value, options)).toEqual('key=value;secure');
             });
+
+            it('includes the SameSite flag when `options.sameSite` is defined', function () {
+              var options = { sameSite: 'None' };
+              var expected = 'key=value;SameSite=None';
+
+              expect(Cookies._generateCookieString(key, value, options)).toEqual(expected);
+            });
         });
 
         describe('Cookies._getCacheFromString(documentCookie)', function () {