[ARVADOS] updated: 2.1.0-264-gbd5359349
Git user
git at public.arvados.org
Thu Jan 21 18:15:39 UTC 2021
Summary of changes:
doc/api/keep-web-urls.html.textile.liquid | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
via bd535934937eb0863bd8eaec0b62ab81bc8e4700 (commit)
from 5727f64521ea7222422dd48e48793a0fe10253f4 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit bd535934937eb0863bd8eaec0b62ab81bc8e4700
Author: Lucas Di Pentima <lucas at di-pentima.com.ar>
Date: Thu Jan 21 15:15:20 2021 -0300
17109: Fixes typo.
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas at di-pentima.com.ar>
diff --git a/doc/api/keep-web-urls.html.textile.liquid b/doc/api/keep-web-urls.html.textile.liquid
index 90df5b9fd..1770a259b 100644
--- a/doc/api/keep-web-urls.html.textile.liquid
+++ b/doc/api/keep-web-urls.html.textile.liquid
@@ -76,7 +76,7 @@ pre. http://collections.example.com/collections/uuid_or_pdh/foo/bar.txt
h2(#same-site). Same-site requirements for requests with tokens
-Although keep-web doesn't care about the domain part of the URL, the clients do: specially when rendering inline content.
+Although keep-web doesn't care about the domain part of the URL, the clients do: especially when rendering inline content.
When a client passes a token in the URL, keep-web sends a redirect response placing the token in a @Set-Cookie@ header with the @SameSite=Lax@ attribute. The browser will ignore the cookie if it's not coming from a _same-site_ request, and thus its subsequent request will fail with a @401 Unauthorized@ error.
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list