From: Gustaf N. <ne...@wu...> - 2020-09-01 13:21:41
Dear Wolfgang,

I've added a followup change, such that the omission of the "-samesite" flag on ns_cookie does not result in a "samesite=none". This is more conservative.

-g

On 01.09.20 10:18, Wolfgang Winkler via naviserver-devel wrote:
>
> Dear Gustaf,
>
> thanks for the speedy fix. We've cherry picked the commit for 4.99.19
> and it works flawlessly.
>
> Cookie handling has become a catch up game lately, as browser vendors
> are getting more and more creative without a proper standardization
> process.
>
> Regards,
>
> wiwo
>
> On 31.08.20 at 12:54, Gustaf Neumann wrote:
>> Wolfgang,
>>
>> you are right, explicit setting of same-site=none is necessary now.
>>
>> In previous versions of browsers, no explicit setting
>> of the same-site flag was exactly the same as explicit setting
>> (an implicit default of same-site=none)
>>
>> Since some browsers switched to a default of "lax", explicit
>> setting became necessary.
>>
>> Fixed now on bitbucket.
>>
>> -gn
>>
>> PS: it is not developer-friendly that the behavior is changed
>> on the fly.... On the client site, the disruptive behavior
>> change was intended, so changing the default value on the
>> server is probably not good - and is left unchanged.
>>
>> _______________________________________________
>> naviserver-devel mailing list
>> nav...@li...
>> https://lists.sourceforge.net/lists/listinfo/naviserver-devel
> --
>
> *Wolfgang Winkler*
> Management
> wol...@di...
> mobile +43.699.19971172
>
> dc:*büro*
> digital concepts Novak Winkler OG
> Software & Design
> Landstraße 68, 5. Stock, 4020 Linz
> www.digital-concepts.com <http://www.digital-concepts.com>
> tel +43.732.997117.72
> tel +43.699.1997117.2
>
> Commercial register number: 192003h
> Commercial register court: Landesgericht Linz
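
The default change discussed in this thread, as an added Python example (not NaviServer code and not written by either poster): it audits constructed Set-Cookie headers and reports the SameSite policy a browser enforces under the old implicit default (none) and the new one (lax). The function names and sample headers are assumptions, and the check that SameSite=None needs Secure reflects browser behaviour that the thread itself does not mention.

```python
# Added example; the headers below are constructed, not NaviServer output.
LEGACY_DEFAULT = "none"   # older browsers: a missing attribute behaved like none
CURRENT_DEFAULT = "lax"   # browsers that switched the implicit default to lax
VALID = ("strict", "lax", "none")

def parse_set_cookie(header):
    """Split a Set-Cookie value into (cookie name, {lower-cased attribute: value})."""
    first, *rest = [part.strip() for part in header.split(";")]
    attrs = {}
    for part in rest:
        if part:
            key, _, value = part.partition("=")
            attrs[key.strip().lower()] = value.strip()
    return first.split("=", 1)[0], attrs

def effective_samesite(attrs, browser_default):
    """Policy the browser enforces: a valid explicit value, else its own default."""
    value = attrs.get("samesite", "").lower()
    return value if value in VALID else browser_default

def audit(header):
    """Compare how one header behaves before and after the default change."""
    name, attrs = parse_set_cookie(header)
    legacy = effective_samesite(attrs, LEGACY_DEFAULT)
    current = effective_samesite(attrs, CURRENT_DEFAULT)
    findings = []
    if legacy != current:
        findings.append("no valid explicit SameSite: cross-site sending differs by browser version")
    if current == "none" and "secure" not in attrs:
        findings.append("SameSite=None without Secure: rejected by browsers that require Secure")
    return {"cookie": name, "legacy": legacy, "current": current, "findings": findings}

SAMPLE_HEADERS = [  # constructed sample input
    "session=abc123; Path=/; Secure; HttpOnly",
    "embed=xyz; Path=/; Secure; SameSite=None",
    "widget=1; Path=/; samesite=none",
]

if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        print(audit(header))
```

Only the first sample changes behaviour between browser generations, which is why a cookie meant for cross-site use has to carry the attribute explicitly.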