You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by wi...@apache.org on 2020/01/14 11:58:40 UTC

[couchdb-documentation] 01/01: Document same_site cookie attribute

This is an automated email from the ASF dual-hosted git repository.

willholley pushed a commit to branch samesite_cookie
in repository https://gitbox.apache.org/repos/asf/couchdb-documentation.git

commit 067d9d6a1b5be108ae4541be4c90ff5717e1407b
Author: Will Holley <wi...@gmail.com>
AuthorDate: Tue Jan 14 11:57:34 2020 +0000

    Document same_site cookie attribute
    
    Add documentation for configuring the SameSite attribute of the
    auth cookie.
    
    Refs #2221
---
 src/config/auth.rst | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/config/auth.rst b/src/config/auth.rst
index f75f0a6..386837a 100644
--- a/src/config/auth.rst
+++ b/src/config/auth.rst
@@ -144,6 +144,16 @@ Authentication Configuration
             [couch_httpd_auth]
             cookie_domain = example.com
 
+    .. config:option:: same_site :: SameSite
+
+        .. versionadded:: 3.0.0
+
+        When this option is set to a non-empty value, a ``SameSite`` attribute is added to
+        the ``AuthSession`` cookie. Valid values are ``None``, ``Lax`` or ``Strict``.::
+
+            [couch_httpd_auth]
+            same_site = strict
+
     .. config:option:: auth_cache_size :: Authentication cache
 
         Number of :ref:`userctx_object` to cache in memory, to reduce disk