From 357feac5fd15d8a0032b73a66ee06f20758fdb2b Mon Sep 17 00:00:00 2001
From: Carlin MacKenzie <carlin.mackenzie@gmail.com>
Date: Thu, 28 Mar 2024 17:21:08 +0100
Subject: [PATCH] bug: fix cookie behaviour across subdomains

---
 content/about/cookie-policy/contents.lr | 2 +-
 templates/macros/cookie-banner.html     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/content/about/cookie-policy/contents.lr b/content/about/cookie-policy/contents.lr
index 6a8c763..8c3d0cc 100644
--- a/content/about/cookie-policy/contents.lr
+++ b/content/about/cookie-policy/contents.lr
@@ -145,7 +145,7 @@ $('#withdraw-consent')
 function unsetCookie(cname) {
     var expires = "expires=Thu, 01 Jan 1970 00:00:00 UTC";
     var cookie = cname + "=;" + expires + ";"
-    cookie += "path=.zenodo.org;SameSite=None; Secure";
+    cookie += "Domain=zenodo.org;Path=/;SameSite=None; Secure";
     document.cookie = cookie;
 }
 </script>
diff --git a/templates/macros/cookie-banner.html b/templates/macros/cookie-banner.html
index 00973cd..a3763ef 100644
--- a/templates/macros/cookie-banner.html
+++ b/templates/macros/cookie-banner.html
@@ -94,7 +94,7 @@
     d.setTime(d.getTime() + (365 * 24 * 60 * 60 * 1000)); // one year
     var expires = "expires=" + d.toUTCString();
     var cookie = cname + "=" + cvalue + ";" + expires + ";"
-    cookie += "path=.zenodo.org;SameSite=None; Secure"; // so that it works across subdomains
+    cookie += "Domain=zenodo.org;Path=/;SameSite=None; Secure"; // so that it works across subdomains
     document.cookie = cookie;
 }
 </script>