You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2020/03/26 02:31:56 UTC

[GitHub] [couchdb] thebigh2014 edited a comment on issue #1562: Provide configuration option enforcing AuthSession cookies' "Secure" attribute in couch_httpd_auth

thebigh2014 edited a comment on issue #1562: Provide configuration option enforcing AuthSession cookies' "Secure" attribute in couch_httpd_auth
URL: https://github.com/apache/couchdb/issues/1562#issuecomment-604192825
 
 
   The project I'm working on is being affected by the enforcement of SameSite=none and Secure being needed for _session cookies.  While Couchdb 3 (which we will be trying out soon) does add SameSite, the Secure value is still missing since we are using a reverse proxy to securely access our databases (as direct SSL is unreliable).  Could this please be addressed as it would be difficult to reliably intercept responses on our proxy and alter the cookie header manually.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services