From c952754c8cdf7d0eb51e827e625b9872cf75fd12 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9ry=20Mathieu=20=28Mathius=29?=
 <ferymathieuy@gmail.com>
Date: Sat, 12 Feb 2022 17:01:52 +0100
Subject: [PATCH 01/11] Add videojs-persist plugin

---
 assets/js/player.js                               | 3 +++
 src/invidious/views/components/player_sources.ecr | 1 +
 videojs-dependencies.yml                          | 4 ++++
 3 files changed, 8 insertions(+)

diff --git a/assets/js/player.js b/assets/js/player.js
index 81a27009..5880bedc 100644
--- a/assets/js/player.js
+++ b/assets/js/player.js
@@ -677,3 +677,6 @@ if (window.location.pathname.startsWith("/embed/")) {
     cb = player.getChild('ControlBar')
     cb.addChild(watch_on_invidious_button)
 };
+
+// Add usage of videojs-persist
+player.persist();
diff --git a/src/invidious/views/components/player_sources.ecr b/src/invidious/views/components/player_sources.ecr
index 9af3899c..305464c8 100644
--- a/src/invidious/views/components/player_sources.ecr
+++ b/src/invidious/views/components/player_sources.ecr
@@ -11,6 +11,7 @@
 <script src="/videojs/videojs-contrib-quality-levels/videojs-contrib-quality-levels.js?v=<%= ASSET_COMMIT %>"></script>
 <script src="/videojs/videojs-http-source-selector/videojs-http-source-selector.js?v=<%= ASSET_COMMIT %>"></script>
 <script src="/videojs/videojs-markers/videojs-markers.js?v=<%= ASSET_COMMIT %>"></script>
+<script src="/videojs/videojs-persist/videojs-persist.js?v=<%= ASSET_COMMIT %>"></script>
 <script src="/videojs/videojs-share/videojs-share.js?v=<%= ASSET_COMMIT %>"></script>
 <script src="/videojs/videojs-vtt-thumbnails/videojs-vtt-thumbnails.js?v=<%= ASSET_COMMIT %>"></script>
 
diff --git a/videojs-dependencies.yml b/videojs-dependencies.yml
index 6de23d25..b9754e0e 100644
--- a/videojs-dependencies.yml
+++ b/videojs-dependencies.yml
@@ -25,6 +25,10 @@ videojs-overlay:
   version: 2.1.4
   shasum: 5a103b25374dbb753eb87960d8360c2e8f39cc05
 
+videojs-persist:
+  version: 0.1.2
+  shasum: 44da05aced1fbf15693a36b7cce3cc4a9960dabe
+
 videojs-share:
   version: 3.2.1
   shasum: 0a3024b981387b9d21c058c829760a72c14b8ceb

From 17ae2648edb63ca0ca0d08b346adea1ada61d252 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9ry=20Mathieu=20=28Mathius=29?=
 <ferymathieuy@gmail.com>
Date: Sat, 12 Feb 2022 17:34:19 +0100
Subject: [PATCH 02/11] Modify use of module (Only if video settings are
 default)

Following remark at https://github.com/iv-org/invidious/pull/2895#issuecomment-1037279953
---
 assets/js/player.js | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/assets/js/player.js b/assets/js/player.js
index 5880bedc..34f721b4 100644
--- a/assets/js/player.js
+++ b/assets/js/player.js
@@ -176,8 +176,16 @@ if (video_data.params.video_start > 0 || video_data.params.video_end > 0) {
     player.currentTime(video_data.params.video_start);
 }
 
-player.volume(video_data.params.volume / 100);
-player.playbackRate(video_data.params.speed);
+/*
+    If the video settings are default, we enable the management of the settings by
+    the videojs-persist module otherwise we apply the preferences.
+*/
+if (video_data.params.volume == 100 && video_data.params.speed == "1.0")
+    player.persist();
+else {
+    player.volume(video_data.params.volume / 100);
+    player.playbackRate(video_data.params.speed);
+}
 
 player.on('waiting', function () {
     if (player.playbackRate() > 1 && player.liveTracker.isLive() && player.liveTracker.atLiveEdge()) {
@@ -677,6 +685,3 @@ if (window.location.pathname.startsWith("/embed/")) {
     cb = player.getChild('ControlBar')
     cb.addChild(watch_on_invidious_button)
 };
-
-// Add usage of videojs-persist
-player.persist();

From 7048193f00a80617093eb9d8e1bc4557159afd74 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9ry=20Mathieu=20=28Mathius=29?=
 <ferymathieuy@gmail.com>
Date: Sat, 12 Feb 2022 22:07:41 +0100
Subject: [PATCH 03/11] Move store of modification in Cookie instead of
 localStorage

---
 assets/js/player.js                           | 56 ++++++++++++++++---
 src/invidious/user/cookies.cr                 |  2 +-
 .../views/components/player_sources.ecr       |  1 -
 videojs-dependencies.yml                      |  4 --
 4 files changed, 48 insertions(+), 15 deletions(-)

diff --git a/assets/js/player.js b/assets/js/player.js
index 34f721b4..5498df48 100644
--- a/assets/js/player.js
+++ b/assets/js/player.js
@@ -176,17 +176,55 @@ if (video_data.params.video_start > 0 || video_data.params.video_end > 0) {
     player.currentTime(video_data.params.video_start);
 }
 
-/*
-    If the video settings are default, we enable the management of the settings by
-    the videojs-persist module otherwise we apply the preferences.
-*/
-if (video_data.params.volume == 100 && video_data.params.speed == "1.0")
-    player.persist();
-else {
-    player.volume(video_data.params.volume / 100);
-    player.playbackRate(video_data.params.speed);
+player.volume(video_data.params.volume / 100);
+player.playbackRate(video_data.params.speed);
+
+/**
+ * Method for get content of Cookie
+ * @param {String} name Name of cookie
+ * @returns cookieValue
+ */
+function getCookieValue(name) {
+    var value = document.cookie.split(";").filter(item => {
+        return item.includes(name + "=");
+    });
+    return value != null && value.length >= 1 ? value[0].substring((name + "=").length, value[0].length) : null;
 }
 
+/**
+ * Method for update Prefs cookie (Or create if missing)
+ * @param {number} newVolume New Volume defined (Null if unchanged)
+ * @param {number} newSpeed New Speed defined (Null if unchanged)
+ */
+function updateCookie(newVolume, newSpeed) {
+    var volumeValue = newVolume != null ? newVolume : video_data.params.volume;
+    var speedValue = newSpeed != null ? newSpeed : video_data.params.speed;
+    var cookieValue = getCookieValue('PREFS');
+    if (cookieValue != null) {
+        var cookieJson = JSON.parse(decodeURIComponent(cookieValue));
+        cookieJson.volume = volumeValue;
+        cookieJson.speed = speedValue;
+        document.cookie = document.cookie.replace(getCookieValue('PREFS'), encodeURIComponent(JSON.stringify(cookieJson)));
+    } else {
+        var date = new Date();
+        //Set expiration in 2 year
+        date.setTime(date.getTime() + 63115200);
+        document.cookie = 'PREFS=' +
+            encodeURIComponent(JSON.stringify({ 'volume': volumeValue, 'speed': speedValue })) +
+            '; expires=' + date.toGMTString() + '; SameSite=Strict; path=/';
+    }
+    video_data.params.volume = volumeValue;
+    video_data.params.speed = speedValue;
+}
+
+player.on('ratechange', function () {
+    updateCookie(null, player.playbackRate());
+});
+
+player.on('volumechange', function () {
+    updateCookie(Math.ceil(player.volume() * 100), null);
+});
+
 player.on('waiting', function () {
     if (player.playbackRate() > 1 && player.liveTracker.isLive() && player.liveTracker.atLiveEdge()) {
         console.log('Player has caught up to source, resetting playbackRate.')
diff --git a/src/invidious/user/cookies.cr b/src/invidious/user/cookies.cr
index 99df1b07..367f700f 100644
--- a/src/invidious/user/cookies.cr
+++ b/src/invidious/user/cookies.cr
@@ -30,7 +30,7 @@ struct Invidious::User
         value: URI.encode_www_form(preferences.to_json),
         expires: Time.utc + 2.years,
         secure: SECURE,
-        http_only: true
+        http_only: false
       )
     end
   end
diff --git a/src/invidious/views/components/player_sources.ecr b/src/invidious/views/components/player_sources.ecr
index 305464c8..9af3899c 100644
--- a/src/invidious/views/components/player_sources.ecr
+++ b/src/invidious/views/components/player_sources.ecr
@@ -11,7 +11,6 @@
 <script src="/videojs/videojs-contrib-quality-levels/videojs-contrib-quality-levels.js?v=<%= ASSET_COMMIT %>"></script>
 <script src="/videojs/videojs-http-source-selector/videojs-http-source-selector.js?v=<%= ASSET_COMMIT %>"></script>
 <script src="/videojs/videojs-markers/videojs-markers.js?v=<%= ASSET_COMMIT %>"></script>
-<script src="/videojs/videojs-persist/videojs-persist.js?v=<%= ASSET_COMMIT %>"></script>
 <script src="/videojs/videojs-share/videojs-share.js?v=<%= ASSET_COMMIT %>"></script>
 <script src="/videojs/videojs-vtt-thumbnails/videojs-vtt-thumbnails.js?v=<%= ASSET_COMMIT %>"></script>
 
diff --git a/videojs-dependencies.yml b/videojs-dependencies.yml
index b9754e0e..6de23d25 100644
--- a/videojs-dependencies.yml
+++ b/videojs-dependencies.yml
@@ -25,10 +25,6 @@ videojs-overlay:
   version: 2.1.4
   shasum: 5a103b25374dbb753eb87960d8360c2e8f39cc05
 
-videojs-persist:
-  version: 0.1.2
-  shasum: 44da05aced1fbf15693a36b7cce3cc4a9960dabe
-
 videojs-share:
   version: 3.2.1
   shasum: 0a3024b981387b9d21c058c829760a72c14b8ceb

From 1e3f4ed3983f3b101a259f8164511665f25f878e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9ry=20Mathieu=20=28Mathius=29?=
 <ferymathieuy@gmail.com>
Date: Thu, 17 Feb 2022 22:22:04 +0100
Subject: [PATCH 04/11] Lint player.js

Follow lint indications :
- https://github.com/iv-org/invidious/pull/2895#discussion_r809461103
- https://github.com/iv-org/invidious/pull/2895#discussion_r809461622
---
 assets/js/player.js | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/assets/js/player.js b/assets/js/player.js
index 5498df48..3c58cb62 100644
--- a/assets/js/player.js
+++ b/assets/js/player.js
@@ -185,9 +185,7 @@ player.playbackRate(video_data.params.speed);
  * @returns cookieValue
  */
 function getCookieValue(name) {
-    var value = document.cookie.split(";").filter(item => {
-        return item.includes(name + "=");
-    });
+    var value = document.cookie.split(";").filter(item => item.includes(name + "="));
     return value != null && value.length >= 1 ? value[0].substring((name + "=").length, value[0].length) : null;
 }
 
@@ -207,7 +205,7 @@ function updateCookie(newVolume, newSpeed) {
         document.cookie = document.cookie.replace(getCookieValue('PREFS'), encodeURIComponent(JSON.stringify(cookieJson)));
     } else {
         var date = new Date();
-        //Set expiration in 2 year
+        // Set expiration in 2 year
         date.setTime(date.getTime() + 63115200);
         document.cookie = 'PREFS=' +
             encodeURIComponent(JSON.stringify({ 'volume': volumeValue, 'speed': speedValue })) +

From 8e4959a62138a67b07ae998175f46cc42ac9e239 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9ry=20Mathieu=20=28Mathius=29?=
 <ferymathieuy@gmail.com>
Date: Tue, 22 Feb 2022 13:15:53 +0100
Subject: [PATCH 05/11] Update cookie declaration for preserve SameSite
 directive

---
 assets/js/player.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/assets/js/player.js b/assets/js/player.js
index 3c58cb62..21e64d9d 100644
--- a/assets/js/player.js
+++ b/assets/js/player.js
@@ -209,7 +209,7 @@ function updateCookie(newVolume, newSpeed) {
         date.setTime(date.getTime() + 63115200);
         document.cookie = 'PREFS=' +
             encodeURIComponent(JSON.stringify({ 'volume': volumeValue, 'speed': speedValue })) +
-            '; expires=' + date.toGMTString() + '; SameSite=Strict; path=/';
+            '; SameSite=Strict; path=/; expires=' + date.toGMTString() + ';';
     }
     video_data.params.volume = volumeValue;
     video_data.params.speed = speedValue;

From 09a585c93bb28a49c9538b47803bb5341e9f928b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9ry=20Mathieu=20=28Mathius=29?=
 <ferymathieuy@gmail.com>
Date: Tue, 22 Feb 2022 18:57:21 +0100
Subject: [PATCH 06/11] Add sameSite policy in cookie management in server side

---
 src/invidious/user/cookies.cr | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/invidious/user/cookies.cr b/src/invidious/user/cookies.cr
index 367f700f..65e079ec 100644
--- a/src/invidious/user/cookies.cr
+++ b/src/invidious/user/cookies.cr
@@ -17,7 +17,8 @@ struct Invidious::User
         value: sid,
         expires: Time.utc + 2.years,
         secure: SECURE,
-        http_only: true
+        http_only: true,
+        samesite: HTTP::Cookie::SameSite::Strict
       )
     end
 
@@ -30,7 +31,8 @@ struct Invidious::User
         value: URI.encode_www_form(preferences.to_json),
         expires: Time.utc + 2.years,
         secure: SECURE,
-        http_only: false
+        http_only: false,
+        samesite: HTTP::Cookie::SameSite::Strict
       )
     end
   end

From ad6b29c09f3721cabdb1cb44de8a71f0498f3e13 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9ry=20Mathieu=20=28Mathius=29?=
 <ferymathieuy@gmail.com>
Date: Tue, 22 Feb 2022 18:58:41 +0100
Subject: [PATCH 07/11] Update cookie domain definition in player script

Related with :
https://github.com/iv-org/invidious/pull/2895#issuecomment-1047762544
---
 assets/js/player.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/assets/js/player.js b/assets/js/player.js
index 21e64d9d..c7dd9159 100644
--- a/assets/js/player.js
+++ b/assets/js/player.js
@@ -207,9 +207,14 @@ function updateCookie(newVolume, newSpeed) {
         var date = new Date();
         // Set expiration in 2 year
         date.setTime(date.getTime() + 63115200);
+        var ipv4Regex = /(([0-1]?[0-9]{1,2}\.)|(2[0-4][0-9]\.)|(25[0-5]\.)){3}(([0-1]?[0-9]{1,2})|(2[0-4][0-9])|(25[0-5]))/;
+        var ipv6Regex = /(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))/;
+        var domainUsed = window.location.hostname;
+        if (!ipv4Regex.test(domainUsed) && !ipv6Regex.test(domainUsed) && domainUsed != 'localhost')
+            domainUsed = '.' + window.location.hostname;
         document.cookie = 'PREFS=' +
             encodeURIComponent(JSON.stringify({ 'volume': volumeValue, 'speed': speedValue })) +
-            '; SameSite=Strict; path=/; expires=' + date.toGMTString() + ';';
+            '; SameSite=Strict; path=/; domain=' + domainUsed + '; expires=' + date.toGMTString() + ';';
     }
     video_data.params.volume = volumeValue;
     video_data.params.speed = speedValue;

From aa8758dec29cb70dbdd3e34af74a4925b0990225 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9ry=20Mathieu=20=28Mathius=29?=
 <ferymathieuy@gmail.com>
Date: Tue, 22 Feb 2022 20:05:22 +0100
Subject: [PATCH 08/11] Patch updateCookie for preserve extra args (like
 domain)

---
 assets/js/player.js | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/assets/js/player.js b/assets/js/player.js
index c7dd9159..8057b678 100644
--- a/assets/js/player.js
+++ b/assets/js/player.js
@@ -198,24 +198,25 @@ function updateCookie(newVolume, newSpeed) {
     var volumeValue = newVolume != null ? newVolume : video_data.params.volume;
     var speedValue = newSpeed != null ? newSpeed : video_data.params.speed;
     var cookieValue = getCookieValue('PREFS');
+    var cookieData;
     if (cookieValue != null) {
         var cookieJson = JSON.parse(decodeURIComponent(cookieValue));
         cookieJson.volume = volumeValue;
         cookieJson.speed = speedValue;
-        document.cookie = document.cookie.replace(getCookieValue('PREFS'), encodeURIComponent(JSON.stringify(cookieJson)));
+        cookieData = encodeURIComponent(JSON.stringify(cookieJson));
     } else {
-        var date = new Date();
-        // Set expiration in 2 year
-        date.setTime(date.getTime() + 63115200);
-        var ipv4Regex = /(([0-1]?[0-9]{1,2}\.)|(2[0-4][0-9]\.)|(25[0-5]\.)){3}(([0-1]?[0-9]{1,2})|(2[0-4][0-9])|(25[0-5]))/;
-        var ipv6Regex = /(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))/;
-        var domainUsed = window.location.hostname;
-        if (!ipv4Regex.test(domainUsed) && !ipv6Regex.test(domainUsed) && domainUsed != 'localhost')
-            domainUsed = '.' + window.location.hostname;
-        document.cookie = 'PREFS=' +
-            encodeURIComponent(JSON.stringify({ 'volume': volumeValue, 'speed': speedValue })) +
-            '; SameSite=Strict; path=/; domain=' + domainUsed + '; expires=' + date.toGMTString() + ';';
+        cookieData = encodeURIComponent(JSON.stringify({ 'volume': volumeValue, 'speed': speedValue }));
     }
+    var date = new Date();
+    // Set expiration in 2 year
+    date.setTime(date.getTime() + 63115200);
+    var ipv4Regex = /(([0-1]?[0-9]{1,2}\.)|(2[0-4][0-9]\.)|(25[0-5]\.)){3}(([0-1]?[0-9]{1,2})|(2[0-4][0-9])|(25[0-5]))/;
+    var ipv6Regex = /(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))/;
+    var domainUsed = window.location.hostname;
+    if (!ipv4Regex.test(domainUsed) && !ipv6Regex.test(domainUsed) && domainUsed != 'localhost')
+        domainUsed = '.' + window.location.hostname;
+    document.cookie = 'PREFS=' + cookieData + '; SameSite=Strict; path=/; domain=' +
+        domainUsed + '; expires=' + date.toGMTString() + ';';
     video_data.params.volume = volumeValue;
     video_data.params.speed = speedValue;
 }

From e66b317f020d4e18ed0e924d1c8f81a80fdb78f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9ry=20Mathieu=20=28Mathius=29?=
 <ferymathieuy@gmail.com>
Date: Tue, 22 Feb 2022 22:53:26 +0100
Subject: [PATCH 09/11] Reduce regex in player script

Following correction at:
https://github.com/iv-org/invidious/pull/2895#issuecomment-1048245008
---
 assets/js/player.js | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/assets/js/player.js b/assets/js/player.js
index 8057b678..4681340f 100644
--- a/assets/js/player.js
+++ b/assets/js/player.js
@@ -210,10 +210,9 @@ function updateCookie(newVolume, newSpeed) {
     var date = new Date();
     // Set expiration in 2 year
     date.setTime(date.getTime() + 63115200);
-    var ipv4Regex = /(([0-1]?[0-9]{1,2}\.)|(2[0-4][0-9]\.)|(25[0-5]\.)){3}(([0-1]?[0-9]{1,2})|(2[0-4][0-9])|(25[0-5]))/;
-    var ipv6Regex = /(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))/;
+    var ipRegex = /^((\d+\.){3}\d+|[A-Fa-f0-9]*:[A-Fa-f0-9:]*:[A-Fa-f0-9:]+)$/;
     var domainUsed = window.location.hostname;
-    if (!ipv4Regex.test(domainUsed) && !ipv6Regex.test(domainUsed) && domainUsed != 'localhost')
+    if (!ipRegex.test(domainUsed) && domainUsed != 'localhost')
         domainUsed = '.' + window.location.hostname;
     document.cookie = 'PREFS=' + cookieData + '; SameSite=Strict; path=/; domain=' +
         domainUsed + '; expires=' + date.toGMTString() + ';';

From 6aa7db2358c3c329ca3340a9087291bd36faf54a Mon Sep 17 00:00:00 2001
From: Samantaz Fox <coding@samantaz.fr>
Date: Sat, 9 Apr 2022 19:58:49 +0200
Subject: [PATCH 10/11] Minor code/comments cleaning

---
 assets/js/player.js | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/assets/js/player.js b/assets/js/player.js
index 4681340f..b694a34b 100644
--- a/assets/js/player.js
+++ b/assets/js/player.js
@@ -180,25 +180,32 @@ player.volume(video_data.params.volume / 100);
 player.playbackRate(video_data.params.speed);
 
 /**
- * Method for get content of Cookie
+ * Method for getting the contents of a cookie
+ *
  * @param {String} name Name of cookie
  * @returns cookieValue
  */
 function getCookieValue(name) {
     var value = document.cookie.split(";").filter(item => item.includes(name + "="));
-    return value != null && value.length >= 1 ? value[0].substring((name + "=").length, value[0].length) : null;
+
+    return (value != null && value.length >= 1)
+        ? value[0].substring((name + "=").length, value[0].length)
+        : null;
 }
 
 /**
- * Method for update Prefs cookie (Or create if missing)
- * @param {number} newVolume New Volume defined (Null if unchanged)
- * @param {number} newSpeed New Speed defined (Null if unchanged)
+ * Method for updating the "PREFS" cookie (or creating it if missing)
+ *
+ * @param {number} newVolume New volume defined (null if unchanged)
+ * @param {number} newSpeed New speed defined (null if unchanged)
  */
 function updateCookie(newVolume, newSpeed) {
     var volumeValue = newVolume != null ? newVolume : video_data.params.volume;
     var speedValue = newSpeed != null ? newSpeed : video_data.params.speed;
+
     var cookieValue = getCookieValue('PREFS');
     var cookieData;
+
     if (cookieValue != null) {
         var cookieJson = JSON.parse(decodeURIComponent(cookieValue));
         cookieJson.volume = volumeValue;
@@ -207,15 +214,20 @@ function updateCookie(newVolume, newSpeed) {
     } else {
         cookieData = encodeURIComponent(JSON.stringify({ 'volume': volumeValue, 'speed': speedValue }));
     }
-    var date = new Date();
+
     // Set expiration in 2 year
+    var date = new Date();
     date.setTime(date.getTime() + 63115200);
+
     var ipRegex = /^((\d+\.){3}\d+|[A-Fa-f0-9]*:[A-Fa-f0-9:]*:[A-Fa-f0-9:]+)$/;
     var domainUsed = window.location.hostname;
+
     if (!ipRegex.test(domainUsed) && domainUsed != 'localhost')
         domainUsed = '.' + window.location.hostname;
+
     document.cookie = 'PREFS=' + cookieData + '; SameSite=Strict; path=/; domain=' +
         domainUsed + '; expires=' + date.toGMTString() + ';';
+
     video_data.params.volume = volumeValue;
     video_data.params.speed = speedValue;
 }

From 95d86ebf2295cbdbcedb2ba9f714abe747ae8618 Mon Sep 17 00:00:00 2001
From: Samantaz Fox <coding@samantaz.fr>
Date: Sat, 9 Apr 2022 20:04:42 +0200
Subject: [PATCH 11/11] Sanity check + comment why we add a leading dot

---
 assets/js/player.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/assets/js/player.js b/assets/js/player.js
index b694a34b..13562974 100644
--- a/assets/js/player.js
+++ b/assets/js/player.js
@@ -222,7 +222,8 @@ function updateCookie(newVolume, newSpeed) {
     var ipRegex = /^((\d+\.){3}\d+|[A-Fa-f0-9]*:[A-Fa-f0-9:]*:[A-Fa-f0-9:]+)$/;
     var domainUsed = window.location.hostname;
 
-    if (!ipRegex.test(domainUsed) && domainUsed != 'localhost')
+    // Fix for a bug in FF where the leading dot in the FQDN is not ignored
+    if (domainUsed.charAt(0) != '.' && !ipRegex.test(domainUsed) && domainUsed != 'localhost')
         domainUsed = '.' + window.location.hostname;
 
     document.cookie = 'PREFS=' + cookieData + '; SameSite=Strict; path=/; domain=' +