Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
erp5 erp5
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Labels
    • Labels
  • Merge requests 139
    • Merge requests 139
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Environments
  • Analytics
    • Analytics
    • CI/CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Activity
  • Graph
  • Jobs
  • Commits
Collapse sidebar
  • nexedi
  • erp5erp5
  • Merge requests
  • !976

Closed
Created Oct 31, 2019 by Romain Courteaud@romain🐙Owner
  • Report abuse
Report abuse

[erp5_core] Use SameSite=None cookie

  • Overview 2
  • Commits 1
  • Changes 1

The Chrome dev team plans to change the default cookie behaviour by setting the SameSite attribute to Lax.

This will break OfficeJS access for Chrome 80 users, as the cookie will not be send anymore when erp5 would be accessed from the external web site.

In order to keep the current functionalities, one quick solution is too manually set the SameSite value to None.

Of course, doing it would prevent to get all the benefits of the Lax value. But I believe we would have to finish MR138 to get it.

Assignee
Assign to
Reviewer
Request review from
None
Milestone
None
Assign milestone
Time tracking
Source branch: samesite
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7