Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

set secureProxy=true when running behind an ssl proxy #4100

Merged
merged 2 commits into from Mar 27, 2014

Conversation

Projects
None yet
2 participants
Member

jrgm commented Mar 3, 2014

I'm not really thrilled with this change (1. should I add a config to say 'over ssl but using ssl termination out of process, and 2. client-sessions should be easier to use/better documented for this very common case).

Member

jrgm commented Mar 3, 2014

I guess I didn't explain the "why" of this change: basically the upgrades in client-session and its dependent cookies leads to what was pointed out in mozilla/node-client-sessions#30 (comment). I'd also noticed a couple of weeks ago that awsbox deployments were not setting cookies for /wsapi (and probably a production deploy would have been broken too).

Owner

6a68 commented Mar 9, 2014

Thanks @jrgm! Any thoughts on how we could test this bug fix? (I'm happy to write the tests if you're not up for it, I could use a guide though--been a while.)

Member

jrgm commented Mar 17, 2014

@6a68 - added a test for this. Please have a look when you get spare time.

@6a68 6a68 added this to the First post-whatever train milestone Mar 26, 2014

Owner

6a68 commented Mar 27, 2014

🍻

6a68 added a commit that referenced this pull request Mar 27, 2014

Merge pull request #4100 from jrgm/fixish-for-client-sessions-and-oop…
…-ssl

set secureProxy=true when running behind an ssl proxy

@6a68 6a68 merged commit a6aebc3 into mozilla:dev Mar 27, 2014

1 check passed

default The Travis CI build passed
Details
Owner

6a68 commented Mar 27, 2014

@jrgm Works for me. About your comments in the pull request, if you think a config would be good, go ahead and file a followup bug.

@jrgm jrgm modified the milestone: First post-whatever train Mar 27, 2014

@sansmischevia sansmischevia referenced this pull request in mozilla/node-client-sessions Apr 23, 2014

Closed

Cookies not marked as secure? #53

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment