Add the option to generate a legacy cookie

lib/rails_same_site_cookie/configuration.rb

@@ -1,9 +1,10 @@
 module RailsSameSiteCookie
   class Configuration
-    attr_accessor :user_agent_regex
+    attr_accessor :user_agent_regex, :generate_legacy_cookie
 
     def initialize
       @user_agent_regex = nil
+      @generate_legacy_cookie = false
     end
   end
 end

lib/rails_same_site_cookie/middleware.rb

@@ -13,10 +13,11 @@ def call(env)
       status, headers, body = @app.call(env)
 
       regex = RailsSameSiteCookie.configuration.user_agent_regex
+      generate_legacy = RailsSameSiteCookie.configuration.generate_legacy_cookie
       set_cookie = headers['Set-Cookie']
       if (regex.nil? or regex.match(env['HTTP_USER_AGENT'])) and not (set_cookie.nil? or set_cookie.strip == '')
         parser = UserAgentChecker.new(env['HTTP_USER_AGENT'])
-        if parser.send_same_site_none?
+        if parser.send_same_site_none? || generate_legacy
           cookies = set_cookie.split(COOKIE_SEPARATOR)
           ssl = Rack::Request.new(env).ssl?
 
@@ -28,10 +29,17 @@ def call(env)
               cookie << '; Secure'
             end
 
-            unless cookie =~ /;\s*samesite=/i
-              cookie << '; SameSite=None'
+            if parser.send_same_site_none?
+              unless cookie =~ /;\s*samesite=/i
+                cookie << '; SameSite=None'
+              end
             end
 
+            if generate_legacy
+              cookie_name, cookie_value = cookie.split('=', 2)
+              legacy_cookie = "#{COOKIE_SEPARATOR} #{cookie_name}-legacy=#{cookie_value}"
+              cookie << legacy_cookie
+            end
           end
 
           headers['Set-Cookie'] = cookies.join(COOKIE_SEPARATOR)

spec/configuration_spec.rb

@@ -4,4 +4,10 @@
     config.user_agent_regex = /dsasdd/
     expect(config.user_agent_regex).to eq(/dsasdd/)
   end
+
+  it "sets legacy cookie generation" do
+    config = described_class.new
+    config.user_agent_regex = true
+    expect(config.user_agent_regex).to be_truthy
+  end
 end

spec/middleware_spec.rb

@@ -33,7 +33,38 @@
       response = request.post("/some/path", 'HTTP_USER_AGENT' => '')
       expect(response['Set-Cookie']).to match(/;\s*samesite=none/i)
     end
+  end
+
+  context "when configured to generate legacy cookie" do
+    let(:request) { Rack::MockRequest.new(subject) }
+    before(:each) do
+      RailsSameSiteCookie.configure do |config|
+        config.generate_legacy_cookie = true
+      end
+    end
+
+    context "when configured without same site support user agent" do
+      let(:response) { request.post("/some/path", 'HTTP_USER_AGENT' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Safari/605.1.15') }
+      it "adds legacy cookies for all requests" do
+        expect(response['Set-Cookie']).to match(/;\s*thiscookie-legacy=/i)
+      end
+
+      it "does not add SameSite=None to cookies for all requests" do
+        expect(response['Set-Cookie']).to_not match(/;\s*samesite=none/i)
+      end
+    end
 
+    context "when configured with same site support user agent" do
+      it "adds legacy cookies for all requests" do
+        response = request.post("/some/path", 'HTTP_USER_AGENT' => '')
+        expect(response['Set-Cookie']).to match(/\s*thiscookie-legacy=/i)
+      end
+
+      it "adds SameSite=None to cookies for all requests" do
+        response = request.post("/some/path", 'HTTP_USER_AGENT' => '')
+        expect(response['Set-Cookie']).to match(/;\s*samesite=none/i)
+      end
+    end
   end
 
 end

spec/rails_same_site_cookie_spec.rb

@@ -8,6 +8,8 @@
       expect(config.is_a?(RailsSameSiteCookie::Configuration)).to be(true)
       expect(config).to respond_to(:user_agent_regex)
       expect(config).to respond_to("user_agent_regex=")
+      expect(config).to respond_to(:generate_legacy_cookie)
+      expect(config).to respond_to("generate_legacy_cookie=")
     end
   end
 end