feat: add config parameter to redeclare same site cookie setup #38458

Merged
merged 2 commits into from
Mar 4, 2021

Member

@DeepDiver1975 DeepDiver1975 commented Mar 2, 2021

Description

In case of openid redirect the cookie samesite strict or lax are not working.

Use:

<?php
$CONFIG = [
    // Possible values: Strict, Lax or None; the default is Strict
    "http.cookie.samesite" => "None",
];

to choose a different setup

@update-docs

update-docs bot commented Mar 2, 2021

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

@DeepDiver1975 DeepDiver1975 changed the title fest: add config parameter to redeclare smae site cookie setup fest: add config parameter to redeclare same site cookie setup Mar 2, 2021
@DeepDiver1975 DeepDiver1975 force-pushed the feat/config-to-relax-samesite-cookie branch from ded2870 to 63c3bc8 Compare March 2, 2021 10:29
@mmattel
Contributor

mmattel commented Mar 2, 2021

This will be docs relevant, pls do not forget to file a docs issue for a config-to-docs run when close to merge.

Contributor

@C0rby C0rby left a comment

Looks good

@DeepDiver1975 DeepDiver1975 force-pushed the feat/config-to-relax-samesite-cookie branch from 63c3bc8 to f708e60 Compare March 4, 2021 08:01
@DeepDiver1975 DeepDiver1975 marked this pull request as ready for review March 4, 2021 08:02
@DeepDiver1975 DeepDiver1975 force-pushed the feat/config-to-relax-samesite-cookie branch from f708e60 to 2625377 Compare March 4, 2021 08:03
@DeepDiver1975 DeepDiver1975 changed the title fest: add config parameter to redeclare same site cookie setup feat: add config parameter to redeclare same site cookie setup Mar 4, 2021
@DeepDiver1975
Member Author

@micbar pr is ready to be merged and released

@mmattel
Contributor

mmattel commented Mar 4, 2021

@DeepDiver1975 I know you don't like it, but pls do: #38458 (comment)

Can you pls give more info what the values mean/do? Possible values: Strict, Lax or None

EDIT: let me rephrase, what would be the impact to a non openid environment when using strict or lax compared to the existing setup like without this PR?

@DeepDiver1975
Member Author

> @DeepDiver1975 I know you don't like it, but pls do: #38458 (comment)

owncloud/docs#3260

@DeepDiver1975
Member Author

> Can you pls give more info what the values mean/do? Possible values: Strict, Lax or None

the internet is full of explanation around this .... no need to duplicate this information.

@DeepDiver1975
Member Author

> EDIT: let me rephrase, what would be the impact to a non openid environment when using strict or lax compared to the existing setup like without this PR?

the default is 'strict' - same as before this pr - no change in behavior.

@micbar
Contributor

micbar commented Mar 4, 2021

@mmattel Thanks for the commit. Waiting for CI

@sonarcloud

sonarcloud bot commented Mar 4, 2021

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information
No Duplication information

@micbar micbar merged commit c28da6b into master Mar 4, 2021
@delete-merged-branch delete-merged-branch bot deleted the feat/config-to-relax-samesite-cookie branch March 4, 2021 11:45
@jnweiger
Contributor

> > Can you pls give more info what the values mean/do? Possible values: Strict, Lax or None
>
> the internet is full of explanation around this .... no need to duplicate this information.

Admin docu should make the connection from the error message "Unable to determine state" to the config setting "http.cookie.samesite"
I doubt the internet knows that much.

@mmattel
Contributor

mmattel commented Mar 11, 2021

I added a link to the docs issue (owncloud/docs#3260 (comment)) where there is more information. If you agree we take a closer look on that link if the information provided satisfies the needs and in case not, we have to ask @DeepDiver1975 for an in depth input.

@gabi18

gabi18 commented Mar 15, 2021

On macOS Mojave 10.14.6 (Safari 12.1.2) the error persists, see
#38519

Confirmed fixed on macOS BigSur 11.1 and 11.2.3.
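
What the three values of http.cookie.samesite mean to a browser, as an added example that is not part of this pull request or of ownCloud's code. The function names, the cookie name and the request contexts are constructed for illustration; the fallback to Strict follows the default stated in the thread.

```php
<?php
// Added illustration, not ownCloud code. All function names are hypothetical.

/** Normalise the configured value; anything unknown falls back to 'Strict'. */
function sameSiteFromConfig(array $config): string {
    $value = ucfirst(strtolower((string)($config['http.cookie.samesite'] ?? 'Strict')));
    return in_array($value, ['Strict', 'Lax', 'None'], true) ? $value : 'Strict';
}

/** Build the Set-Cookie header line for the chosen SameSite mode. */
function buildSetCookie(string $name, string $value, string $sameSite): string {
    $attrs = ['Path=/', 'HttpOnly', "SameSite=$sameSite"];
    if ($sameSite === 'None') {
        // Browsers reject SameSite=None unless the cookie is also Secure (HTTPS only).
        $attrs[] = 'Secure';
    }
    return "Set-Cookie: $name=" . rawurlencode($value) . '; ' . implode('; ', $attrs);
}

/** Model of the browser's decision to attach the cookie to an outgoing request. */
function browserSendsCookie(string $sameSite, bool $crossSite, bool $topLevelNav, string $method): bool {
    if (!$crossSite || $sameSite === 'None') {
        return true;                       // same-site requests always carry the cookie
    }
    if ($sameSite === 'Lax') {
        // Lax: only cross-site top-level navigations using a safe HTTP method.
        return $topLevelNav && in_array($method, ['GET', 'HEAD', 'OPTIONS', 'TRACE'], true);
    }
    return false;                          // Strict: never sent on cross-site requests
}

// Constructed request contexts: [label, crossSite, topLevelNavigation, method]
$contexts = [
    ['same-site request',              false, true,  'GET'],
    ['cross-site redirect/link (GET)', true,  true,  'GET'],
    ['cross-site form POST',           true,  true,  'POST'],
    ['cross-site subresource or XHR',  true,  false, 'GET'],
];

$configured = sameSiteFromConfig(['http.cookie.samesite' => 'None']);
echo buildSetCookie('oc_example', 'abc123', $configured), "\n\n";   // constructed cookie

foreach (['Strict', 'Lax', 'None'] as $mode) {
    foreach ($contexts as [$label, $cross, $top, $method]) {
        $sent = browserSendsCookie($mode, $cross, $top, $method) ? 'sent' : 'withheld';
        printf("%-6s  %-32s %s\n", $mode, $label, $sent);
    }
}
```

None is the only mode that attaches the cookie in every cross-site context, which is also why it widens CSRF exposure for a non-OpenID setup and should be chosen only when the login flow needs it.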
