You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2020/06/16 15:22:00 UTC

[jira] [Work logged] (KNOX-2387) KnoxSSO broken on recent Chrome browsers (version > 80)

     [ https://issues.apache.org/jira/browse/KNOX-2387?focusedWorklogId=446582&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-446582 ]

ASF GitHub Bot logged work on KNOX-2387:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 16/Jun/20 15:21
            Start Date: 16/Jun/20 15:21
    Worklog Time Spent: 10m 
      Work Description: moresandeep opened a new pull request #347:
URL: https://github.com/apache/knox/pull/347


   # What changes were proposed in this pull request?
   
   Update the Set-Cookie header for hadoop-jwt cookie to include SameSite=none parameter.
   
   ## How was this patch tested?
   This patch was tested on a local cluster.
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 446582)
    Remaining Estimate: 0h
            Time Spent: 10m

> KnoxSSO broken on recent Chrome browsers (version > 80)
> -------------------------------------------------------
>
>                 Key: KNOX-2387
>                 URL: https://issues.apache.org/jira/browse/KNOX-2387
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: KnoxSSO
>            Reporter: Sandeep More
>            Assignee: Sandeep More
>            Priority: Major
>             Fix For: 1.4.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Google chrome changed the default behavior of SameSite parameter in Set-Cookie header from None to Lax. This causes partial breakage of Knox SSO. 
> Details about Chrome browser feature - [https://www.chromestatus.com/feature/5088147346030592]
> How it affects - [https://support.okta.com/help/s/article/FAQ-How-Chrome-80-Update-for-SameSite-by-default-Potentially-Impacts-Your-Okta-Environment]
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)