From 6d39053711451752aa9404a7ad840c067db81153 Mon Sep 17 00:00:00 2001
From: zeripath <art27@cantab.net>
Date: Thu, 27 May 2021 02:01:07 +0100
Subject: [PATCH] Fix setting of SameSite on cookies (#15989)

Fix #15972

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
---
 modules/web/middleware/cookie.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/web/middleware/cookie.go b/modules/web/middleware/cookie.go
index cfcc2bbac7..f44d2c3688 100644
--- a/modules/web/middleware/cookie.go
+++ b/modules/web/middleware/cookie.go
@@ -149,7 +149,7 @@ func SetCookie(resp http.ResponseWriter, name string, value string, others ...in
 	if len(others) > 2 {
 		if v, ok := others[2].(string); ok && len(v) > 0 {
 			cookie.Domain = v
-		} else if v, ok := others[1].(func(*http.Cookie)); ok {
+		} else if v, ok := others[2].(func(*http.Cookie)); ok {
 			v(&cookie)
 		}
 	}
@@ -170,7 +170,7 @@ func SetCookie(resp http.ResponseWriter, name string, value string, others ...in
 	if len(others) > 4 {
 		if v, ok := others[4].(bool); ok && v {
 			cookie.HttpOnly = true
-		} else if v, ok := others[1].(func(*http.Cookie)); ok {
+		} else if v, ok := others[4].(func(*http.Cookie)); ok {
 			v(&cookie)
 		}
 	}
@@ -179,7 +179,7 @@ func SetCookie(resp http.ResponseWriter, name string, value string, others ...in
 		if v, ok := others[5].(time.Time); ok {
 			cookie.Expires = v
 			cookie.RawExpires = v.Format(time.UnixDate)
-		} else if v, ok := others[1].(func(*http.Cookie)); ok {
+		} else if v, ok := others[5].(func(*http.Cookie)); ok {
 			v(&cookie)
 		}
 	}