Uploaded image for project: 'Planet4'
  1. Planet4
  2. PLANET-5320

P4 Cookies should implement the 'Secure' attribute

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Released
    • Icon: Should have Should have
    • 2.38.1
    • 3
    • Block: Cookies

      Cookies set by P4 currently have:

      SameSite=None

      To make sure these cookies keep functioning in the future, a new attribute should be added

      SameSite=None; Secure

      This still allows cross-domain cookies, but restricts these cookies to be used in Secure domains only.

       

      This should not affect functionality, other than ensure proper functioning when browsers get more strict about rejecting these cookies.

       

      See:
      https://developer.mozilla.org/nl/docs/Web/HTTP/Headers/Set-Cookie/SameSite#Secure

            dpivo Dylan Pivo
            okeur Oscar Keur
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: