[ARVADOS] created: 2.1.0-196-g976e10604
Git user
git at public.arvados.org
Tue Dec 8 20:05:36 UTC 2020
at 976e106047edaa52d8c9e4605fad21d5e8f1daf9 (commit)
commit 976e106047edaa52d8c9e4605fad21d5e8f1daf9
Author: Tom Clegg <tom at tomclegg.ca>
Date: Tue Dec 8 14:59:36 2020 -0500
16812: Set SameSite: None on keep-web cookies.
Without this, workbench can't use keep-web for image previews.
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at tomclegg.ca>
diff --git a/services/keep-web/handler.go b/services/keep-web/handler.go
index ab1bc080b..bd2438d26 100644
--- a/services/keep-web/handler.go
+++ b/services/keep-web/handler.go
@@ -768,6 +768,8 @@ func (h *handler) seeOtherWithCookie(w http.ResponseWriter, r *http.Request, loc
Value: auth.EncodeTokenCookie([]byte(formToken)),
Path: "/",
HttpOnly: true,
+ SameSite: http.SameSiteNoneMode,
+ Secure: true,
})
}
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list