From 3a4cae72bd33456aea0659e5a76a7d1c90596c46 Mon Sep 17 00:00:00 2001
From: John Luo <jt.luo@mail.utoronto.ca>
Date: Tue, 30 May 2017 21:04:32 -0700
Subject: [PATCH] Use Strict SameSite mode for temp data cookies

---
 .../ViewFeatures/CookieTempDataProvider.cs                       | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/Microsoft.AspNetCore.Mvc.ViewFeatures/ViewFeatures/CookieTempDataProvider.cs b/src/Microsoft.AspNetCore.Mvc.ViewFeatures/ViewFeatures/CookieTempDataProvider.cs
index c3f21802c9..41a15033ab 100644
--- a/src/Microsoft.AspNetCore.Mvc.ViewFeatures/ViewFeatures/CookieTempDataProvider.cs
+++ b/src/Microsoft.AspNetCore.Mvc.ViewFeatures/ViewFeatures/CookieTempDataProvider.cs
@@ -65,6 +65,7 @@ namespace Microsoft.AspNetCore.Mvc.ViewFeatures
             {
                 Domain = string.IsNullOrEmpty(_options.Domain) ? null : _options.Domain,
                 HttpOnly = true,
+                SameSite = SameSiteMode.Strict,
                 Secure = context.Request.IsHttps,
             };
             SetCookiePath(context, cookieOptions);