[prev in list] [next in list] [prev in thread] [next in thread] 

List:       horde-dev
Subject:    [dev] Cookie Samesite warning
From:       Ralf Lang <lang () b1-systems ! de>
Date:       2020-09-01 14:52:43
Message-ID: 3a3c71b9-dbc2-b909-1005-58c8c796a415 () b1-systems ! de
[Download RAW message or body]

https://developer.mozilla.org/de/docs/Web/HTTP/Headers/Set-Cookie/SameSite

I get these on the "Horde" cookie on firefox 79.

Das Cookie "Horde" wird in Zukunft bald abgelehnt werden, da es für das
Attribut "sameSite" entweder "none" oder einen ungültigen Wert angibt,
ohne das "secure"-Attribut zu verwenden. Weitere Informationen zum
"sameSite"-Attribut finden Sie unter
https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite

This basically says we need to change how we set the "Horde" auth
cookie, otherwise it will get rejected by future browser versions.

I've seen this on a non-https development site and need to verify if it
also affects https sites.

-- 
Ralf Lang
Linux Consultant / Developer
Tel.: +49-170-6381563
Mail: lang@b1-systems.de
B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de
GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537

-- 
dev mailing list
Frequently Asked Questions: http://wiki.horde.org/FAQ
To unsubscribe, mail: dev-unsubscribe@lists.horde.org

[prev in list] [next in list] [prev in thread] [next in thread]