fix: Chrome 로그아웃 실패 수정 - 쿠키 삭제 시 secure/samesite 속성 추가

Chrome은 secure 쿠키 삭제 시 삭제 문자열에도 secure 플래그가 필요함. 6개 파일의 cookieRemove 함수에 '; secure; samesite=lax' 추가. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-11 13:59:06 +09:00
parent d42380ff63
commit 2d25d54589
6 changed files with 6 additions and 6 deletions
--- a/gateway/html/login.html
+++ b/gateway/html/login.html
@@ -115,7 +115,7 @@
            remove: function(name) {
                var cookie = name + '=; path=/; max-age=0';
                if (window.location.hostname.includes('technicalkorea.net')) {
-                    cookie += '; domain=.technicalkorea.net';
+                    cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
                }
                document.cookie = cookie;
            }
--- a/gateway/html/portal.html
+++ b/gateway/html/portal.html
@@ -175,7 +175,7 @@
            remove: function(name) {
                var cookie = name + '=; path=/; max-age=0';
                if (window.location.hostname.includes('technicalkorea.net')) {
-                    cookie += '; domain=.technicalkorea.net';
+                    cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
                }
                document.cookie = cookie;
            }
--- a/gateway/html/shared/nav-header.js
+++ b/gateway/html/shared/nav-header.js
@@ -21,7 +21,7 @@
  function cookieRemove(name) {
    var cookie = name + '=; path=/; max-age=0';
    if (window.location.hostname.includes('technicalkorea.net')) {
-      cookie += '; domain=.technicalkorea.net';
+      cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
    }
    document.cookie = cookie;
  }
--- a/system2-report/web/js/api-base.js
+++ b/system2-report/web/js/api-base.js
@@ -25,7 +25,7 @@ if ('serviceWorker' in navigator) {
  function cookieRemove(name) {
    var cookie = name + '=; path=/; max-age=0';
    if (window.location.hostname.includes('technicalkorea.net')) {
-      cookie += '; domain=.technicalkorea.net';
+      cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
    }
    document.cookie = cookie;
  }
--- a/system3-nonconformance/web/static/js/core/auth-manager.js
+++ b/system3-nonconformance/web/static/js/core/auth-manager.js
@@ -59,7 +59,7 @@ class AuthManager {
    _cookieRemove(name) {
        let cookie = name + '=; path=/; max-age=0';
        if (window.location.hostname.includes('technicalkorea.net')) {
-            cookie += '; domain=.technicalkorea.net';
+            cookie += '; domain=.technicalkorea.net; secure; samesite=lax';
        }
        document.cookie = cookie;
    }
--- a/user-management/web/static/js/tkuser-core.js
+++ b/user-management/web/static/js/tkuser-core.js
@@ -9,7 +9,7 @@ const API_BASE = '/api';
 /* ===== Token ===== */
 function _cookieGet(n) { const m = document.cookie.match(new RegExp('(?:^|; )' + n + '=([^;]*)')); return m ? decodeURIComponent(m[1]) : null; }
-function _cookieRemove(n) { let c = n + '=; path=/; max-age=0'; if (location.hostname.includes('technicalkorea.net')) c += '; domain=.technicalkorea.net'; document.cookie = c; }
+function _cookieRemove(n) { let c = n + '=; path=/; max-age=0'; if (location.hostname.includes('technicalkorea.net')) c += '; domain=.technicalkorea.net; secure; samesite=lax'; document.cookie = c; }
 function getToken() { return _cookieGet('sso_token') || localStorage.getItem('sso_token'); }
 function getLoginUrl() {
    const h = location.hostname;