Skip to content

Add support for cookie 'samesite' option #115

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 13, 2018
Merged

Add support for cookie 'samesite' option #115

merged 1 commit into from
Jan 13, 2018

Conversation

farshiana
Copy link
Contributor

No description provided.

@coveralls
Copy link

coveralls commented Jan 13, 2018
edited
Loading

Coverage Status

Coverage remained the same at 100.0% when pulling 7a33f9c on farshiana:option_cookie_samesite into 32a1f3c on vimalloc:master.

@vimalloc vimalloc merged commit 024fd32 into vimalloc:master Jan 13, 2018
@vimalloc
Copy link
Owner

This is great. Thanks for contributing! 👍

@johaven
Copy link

johaven commented Feb 9, 2018
edited
Loading

At this time latest version of Flask does not require Werkzeug 0.14 but 0.13.
I got this error with 3.6.0 when set_cookie is called:

flask_jwt_extended/utils.py", line 198, in set_access_cookies
    samesite=config.cookie_samesite)
TypeError: set_cookie() got an unexpected keyword argument 'samesite'

It would be cool to keep a compatibility mode :)

@vimalloc
Copy link
Owner

It looks like the requirements for flask are actually just Werkzeug>=0.7, so on a fresh install of flask it should have a sufficiently high version (as of writing 0.14.1), but if you already have flask installed it may be out of date. That could be fixed by doing an upgrade of Werkzeug manually in your virtual environment.

I'm going to add Werkzeug>=0.14 to the requirements of this extension to help alleviate this. If this is not sufficient to solve this issue I will look at ways to disable the samesite feature on older versions of Werkzeug.

Cheers :)

vimalloc added a commit that referenced this pull request Feb 10, 2018
@vimalloc
Add Werkzeug>=0.14 to install requirements
1f10354 
This addresses the issue with the samesite cookie feature outlined
in #115
@johaven
Copy link

johaven commented Feb 10, 2018
edited
Loading

You have right, latest version of Flask requires >=0.7, when i installed the last Flask version the version 0.14 was not out. Thank you :)

@johaven
Copy link

johaven commented Feb 10, 2018

Another little request, in documentation could you specify for JWT_COOKIE_SAMESITE section :

Possible values for the flag are lax or strict

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@farshiana @coveralls @vimalloc @johaven