From 2d25d54589ac5fd9bbde00a55fe38475a1f43100 Mon Sep 17 00:00:00 2001
From: Hyungi Ahn
Date: Wed, 11 Mar 2026 13:59:06 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20Chrome=20=EB=A1=9C=EA=B7=B8=EC=95=84?= =?UTF-8?q?=EC=9B=83=20=EC=8B=A4=ED=8C=A8=20=EC=88=98=EC=A0=95=20-=20?= =?UTF-8?q?=EC=BF=A0=ED=82=A4=20=EC=82=AD=EC=A0=9C=20=EC=8B=9C=20secure/sa?= =?UTF-8?q?mesite=20=EC=86=8D=EC=84=B1=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Chrome은 secure 쿠키 삭제 시 삭제 문자열에도 secure 플래그가 필요함. 6개 파일의 cookieRemove 함수에 '; secure; samesite=lax' 추가.
Co-Authored-By: Claude Opus 4.6
---
 gateway/html/login.html | 2 +-
 gateway/html/portal.html | 2 +-
 gateway/html/shared/nav-header.js | 2 +-
 system2-report/web/js/api-base.js | 2 +-
 system3-nonconformance/web/static/js/core/auth-manager.js | 2 +-
 user-management/web/static/js/tkuser-core.js | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/gateway/html/login.html b/gateway/html/login.html
index 4e639b6..15440d2 100644
--- a/gateway/html/login.html
+++ b/gateway/html/login.html
@@ -115,7 +115,7 @@
 remove: function(name) {
 var cookie = name + '=; path=/; max-age=0';
 if (window.location.hostname.includes('technicalkorea.net')) {
- cookie += '; domain=.technicalkorea.net';
+ cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
 }
 document.cookie = cookie;
 }
diff --git a/gateway/html/portal.html b/gateway/html/portal.html
index cc9286d..ec23c8b 100644
--- a/gateway/html/portal.html
+++ b/gateway/html/portal.html
@@ -175,7 +175,7 @@
 remove: function(name) {
 var cookie = name + '=; path=/; max-age=0';
 if (window.location.hostname.includes('technicalkorea.net')) {
- cookie += '; domain=.technicalkorea.net';
+ cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
 }
 document.cookie = cookie;
 }
diff --git a/gateway/html/shared/nav-header.js b/gateway/html/shared/nav-header.js
index cd34e19..fb27418 100644
--- a/gateway/html/shared/nav-header.js
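Review bot: The `secure` attribute is now appended whenever the hostname contains `technicalkorea.net`, regardless of the page's scheme, in the `remove` hunk of login.html and identically in portal.html, nav-header.js, api-base.js, auth-manager.js and tkuser-core.js. Current browsers reject a `document.cookie` write that carries `secure` from a non-HTTPS page, so if any of these pages is ever served over plain HTTP on that domain the deletion becomes a silent no-op and the session cookie survives logout. If HTTPS-only serving is guaranteed, say so in a comment next to the branch; otherwise gate the attribute on the scheme, e.g. `if (window.location.protocol === 'https:') cookie += '; secure';`. Client-side deletion also does not invalidate the token itself, and server-side revocation on logout is not visible in this diff.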
+++ b/gateway/html/shared/nav-header.js
@@ -21,7 +21,7 @@
 function cookieRemove(name) {
 var cookie = name + '=; path=/; max-age=0';
 if (window.location.hostname.includes('technicalkorea.net')) {
- cookie += '; domain=.technicalkorea.net';
+ cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
 }
 document.cookie = cookie;
 }
diff --git a/system2-report/web/js/api-base.js b/system2-report/web/js/api-base.js
index dbac71e..17a1f84 100644
--- a/system2-report/web/js/api-base.js
+++ b/system2-report/web/js/api-base.js
@@ -25,7 +25,7 @@ if ('serviceWorker' in navigator) {
 function cookieRemove(name) {
 var cookie = name + '=; path=/; max-age=0';
 if (window.location.hostname.includes('technicalkorea.net')) {
- cookie += '; domain=.technicalkorea.net';
+ cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
 }
 document.cookie = cookie;
 }
diff --git a/system3-nonconformance/web/static/js/core/auth-manager.js b/system3-nonconformance/web/static/js/core/auth-manager.js
index 4b929ab..3d9fd3c 100644
--- a/system3-nonconformance/web/static/js/core/auth-manager.js
+++ b/system3-nonconformance/web/static/js/core/auth-manager.js
@@ -59,7 +59,7 @@ class AuthManager {
 _cookieRemove(name) {
 let cookie = name + '=; path=/; max-age=0';
 if (window.location.hostname.includes('technicalkorea.net')) {
- cookie += '; domain=.technicalkorea.net';
+ cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
 }
 document.cookie = cookie;
 }
diff --git a/user-management/web/static/js/tkuser-core.js b/user-management/web/static/js/tkuser-core.js
index 2d1358a..d70f922 100644
--- a/user-management/web/static/js/tkuser-core.js
+++ b/user-management/web/static/js/tkuser-core.js
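Review bot: The branch that selects the cookie attributes in `cookieRemove` tests `hostname.includes('technicalkorea.net')`, a substring match that is also true for unrelated hostnames that merely contain that string; the same test appears in all six copies touched by this commit. An exact-or-suffix check states the intent precisely, e.g. `var h = window.location.hostname;` followed by `if (h === 'technicalkorea.net' || h.endsWith('.technicalkorea.net')) {`. The six near-identical copies also mean every future attribute change has to be repeated by hand, and a missed copy would leave one page unable to clear the session cookie; a single helper served from `gateway/html/shared/` would avoid that drift, assuming the other systems can load it.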
@@ -9,7 +9,7 @@ const API_BASE = '/api'; /* ===== Token ===== */ function _cookieGet(n) { const m = document.cookie.match(new RegExp('(?:^|; )' + n + '=([^;]*)')); return m ? decodeURIComponent(m[1]) : null; } -function _cookieRemove(n) { let c = n + '=; path=/; max-age=0'; if (location.hostname.includes('technicalkorea.net')) c += '; domain=.technicalkorea.net'; document.cookie = c; } +function _cookieRemove(n) { let c = n + '=; path=/; max-age=0'; if (location.hostname.includes('technicalkorea.net')) c += '; domain=.technicalkorea.net; secure; samesite=lax'; document.cookie = c; } function getToken() { return _cookieGet('sso_token') || localStorage.getItem('sso_token'); } function getLoginUrl() { const h = location.hostname;