From 92b167abe0870e80e23f307e91a002af10b1c902 Mon Sep 17 00:00:00 2001
From: Jenny Ferries <jeferrie@microsoft.com>
Date: Mon, 10 Feb 2020 11:50:14 -0800
Subject: [PATCH] fix samesite bug from aspnet code to check for null userAgent

---
 Microsoft.Identity.Web/WebAppServiceCollectionExtensions.cs | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Microsoft.Identity.Web/WebAppServiceCollectionExtensions.cs b/Microsoft.Identity.Web/WebAppServiceCollectionExtensions.cs
index e7d6dcb9..58402234 100644
--- a/Microsoft.Identity.Web/WebAppServiceCollectionExtensions.cs
+++ b/Microsoft.Identity.Web/WebAppServiceCollectionExtensions.cs
@@ -206,6 +206,11 @@ private static void CheckSameSite(HttpContext httpContext, CookieOptions options
         // Method taken from https://devblogs.microsoft.com/aspnet/upcoming-samesite-cookie-changes-in-asp-net-and-asp-net-core/
         public static bool DisallowsSameSiteNone(string userAgent)
         {
+            if (string.IsNullOrEmpty(userAgent))
+            {
+                return false;
+            }
+
             // Cover all iOS based browsers here. This includes:
             // - Safari on iOS 12 for iPhone, iPod Touch, iPad
             // - WkWebview on iOS 12 for iPhone, iPod Touch, iPad