You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2020/09/30 13:29:59 UTC

[GitHub] [couchdb] SinanGabel commented on issue #3181: Configuration same_site set to none makes CouchDB unusable

SinanGabel commented on issue #3181:
URL: https://github.com/apache/couchdb/issues/3181#issuecomment-701391468


   It must be "Secure" too.
   
   This you can set via a proxy web server (nginx or another).
   
   For nginx you can use the below where the first line solves the
   samsite=none problem:
   
   proxy_cookie_path / "/; HTTPOnly; Secure";
   
       # couchdb
       location ~ ^/(.*)/_changes {
           proxy_pass http://couchdb_node;
           proxy_redirect off;
           # Transfer-Encoding: chunked
           proxy_buffering off;
           proxy_set_header Host $host;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Ssl on;
       }
   
       location / {
           proxy_pass http://couchdb_node;
           proxy_redirect off;
           proxy_set_header Host $host;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Ssl on;
       }
   
   
   
   On Wed, 30 Sep 2020 at 14:09, grapevineai <no...@github.com> wrote:
   
   > Description
   >
   > If the configuration [couch_httpd_auth] same_site is set to "none", the
   > cookie is not saved in the browser. Sessions become unusable.
   > Steps to Reproduce
   >
   >    - Set [couch_httpd_auth] same_site=none
   >    - Try to login to Fauxton through the /_utils endpoint
   >
   > Expected Behaviour
   >
   > The cookie should be kept in the browser and the sessions should work
   > Your Environment
   >
   >    - CouchDB version used: 3.1.1
   >    - Browser name and version: Chrome 85.0.4183.121
   >    - Operating system and version: OSX
   >
   > Additional Context
   >
   > —
   > You are receiving this because you are subscribed to this thread.
   > Reply to this email directly, view it on GitHub
   > <https://github.com/apache/couchdb/issues/3181>, or unsubscribe
   > <https://github.com/notifications/unsubscribe-auth/ABKTZUU2VR6GTYIOSR23BHTSIMNWRANCNFSM4R7AFYXQ>
   > .
   >
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org