Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Default cookie setter in OAuth is not setting samesite = None #352 #353

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Default cookie setter in OAuth is not setting samesite = None #352 #353

wants to merge 1 commit into from

Conversation

Kudze
Copy link

@Kudze Kudze commented Jul 1, 2024
edited
Loading

WHY are these changes introduced?

Fixes #352

For context read the issue I created.

WHAT is this pull request doing?

Basically sets samesite=none for cookies created in OAuth2.

Type of change

  • Patch: Bug (non-breaking change which fixes an issue)
  • Minor: New feature (non-breaking change which adds functionality)
  • Major: Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist

  • I have added a changelog entry, prefixed by the type of change noted above
  • I have added/updated tests for this change
  • I have updated the documentation for public APIs from the library (if applicable)

@Kudze
Copy link
Author

Kudze commented Jul 1, 2024

I have signed the CLA!

@matteodepalo
Copy link
Contributor

Wouldn't this make cookies 3rd party cookies? If so I'm not sure we want them as browser will start block them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Waiting for Response
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Default cookie setter in OAuth is not setting samesite = None
2 participants
@Kudze @matteodepalo