Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revert "STCOR-853 do not include credential in /authn/token request" #1486

Merged
merged 1 commit into from
May 30, 2024
Merged

Revert "STCOR-853 do not include credential in /authn/token request" #1486

merged 1 commit into from
May 30, 2024

Conversation

zburke
Copy link
Member

@zburke zburke commented May 30, 2024

Reverts #1480

We don't want to send old cookies, but we do want to recieve new cookies. omit ignores both:

omit: Tells browsers to exclude credentials from the request, and ignore any credentials sent back in the response (e.g., any Set-Cookie header).

We may still have a cookie exchange problem, but if we do, credentials: "omit" won't solve it.

@github-actions GitHub Actions
Copy link

Jest Unit Test Statistics

226 tests   - 2   226 ✔️  - 2   59s ⏱️ -1s
  44 suites  - 1       0 💤 ±0 
    1 files   ±0       0 ±0 

Results for commit e4fcb41. ± Comparison against base commit d6e7af8.

@github-actions GitHub Actions
Copy link

BigTest Unit Test Statistics

    1 files  ±0      1 suites  ±0   10s ⏱️ ±0s
266 tests ±0  260 ✔️ ±0  6 💤 ±0  0 ±0 
269 runs  ±0  263 ✔️ ±0  6 💤 ±0  0 ±0 

Results for commit e4fcb41. ± Comparison against base commit d6e7af8.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented May 30, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

@zburke zburke merged commit 13001bf into keycloak-ramsons May 30, 2024
6 checks passed
@zburke zburke deleted the revert-1480-STCOR-853 branch May 30, 2024 21:05
zburke added a commit that referenced this pull request Jun 11, 2024
@zburke
Revert "STCOR-853 do not include credential in /authn/token request (#…
91ae4f9 
…1480)" (#1486)

This reverts commit d6e7af8.

We don't want to _send_ old cookies, but we do want to _receive_ new
cookies. `omit` ignores both. From
https://developer.mozilla.org/en-US/docs/Web/API/fetch#credentials:

> `omit`: Tells browsers to exclude credentials from the request, and
> ignore any credentials sent back in the response (e.g., any Set-Cookie
> header).

We may still have a cookie exchange problem, but if we do, `credentials:
"omit"` won't solve it.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@zburke