You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2020/10/01 20:27:25 UTC

[GitHub] [couchdb] SinanGabel commented on issue #3181: Configuration same_site set to none makes CouchDB unusable

SinanGabel commented on issue #3181:
URL: https://github.com/apache/couchdb/issues/3181#issuecomment-702378464


   Set-Cookie: flavor=choco; SameSite=None
   
   Is probably what you have now (exchange [flavor=choco] to what you are
   setting).
   
   The single line in the nginx configuration does adds the following in bold
   to the line (if you have set up things correctly):
   
   Set-Cookie: flavor=choco; SameSite=None; *HTTPOnly; **Secure*
   
   Here's what my browser is showing in the Network part.
   [image: image.png]
   Here's one reference:
   
   https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
   
   
   
   On Thu, 1 Oct 2020 at 20:54, grapevineai <no...@github.com> wrote:
   
   > I have tried to add proxy_cookie_path / "/; HTTPOnly; Secure"; to nginx
   > but it doesn't solve the issue.
   >
   > Can someone explain to me why "none" is not working out of the box while
   > "strict" and "lax" do? Is it a bug or a is it something we should add to
   > the documentation?
   >
   > —
   > You are receiving this because you commented.
   > Reply to this email directly, view it on GitHub
   > <https://github.com/apache/couchdb/issues/3181#issuecomment-702332032>,
   > or unsubscribe
   > <https://github.com/notifications/unsubscribe-auth/ABKTZUUWHXUIR6HNYO5P3A3SITF5FANCNFSM4R7AFYXQ>
   > .
   >
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org