Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Introduce SameSiteMode.Unspecified equivalent in 3.x #4890

Closed
brettsam opened this issue Sep 5, 2019 · 4 comments
Closed

Introduce SameSiteMode.Unspecified equivalent in 3.x #4890

brettsam opened this issue Sep 5, 2019 · 4 comments
Assignees
@mhoeger
Labels
3.x area: out-of-proc
Milestone
Functions Sprint 71

Comments

@brettsam
Copy link
Member

brettsam commented Sep 5, 2019
edited
Loading

It looks like samesite=lax is not present by default in ASP.NET Core 3.0. See test RawScriptResultTests.AddsHttpCookie() -- it has been removed. Need to evaluate.
@brettsam brettsam added the 3.x label Sep 5, 2019
@brettsam brettsam changed the title Revisit default cookies in 3.x Revisit SameSiteMode settings in 3.x Dec 3, 2019
@brettsam
Copy link
Member Author

brettsam commented Dec 3, 2019
edited
Loading

This changed from 2.2 -> 3.0 -> 3.1. The value here went from samesite=lax to blank, to samesite=none.

This was referenced Dec 4, 2019
Closed
Closed
@mhoeger
Copy link
Contributor

mhoeger commented Dec 4, 2019

The linked test actually represents an invalid case :) there will never be CookieOptions where "SameSite" is not set, because it is always set with a default value of "None" (code here)

What we need to introduce with V3 is the ability to set a value of "ExplicitNone", where this adds a value of "SameSite=None", and change the current v3 to treat SameSite=None as unspecified

@mhoeger mhoeger mentioned this issue Dec 4, 2019
Merged
@mhoeger mhoeger added this to the Functions Sprint 64 milestone Dec 4, 2019
@mhoeger mhoeger changed the title Revisit SameSiteMode settings in 3.x Introduce SameSiteMode.Unspecified equivalent in 3.x Dec 5, 2019
@mhoeger
Copy link
Contributor

mhoeger commented Dec 12, 2019

Linking to this test item: #5384

@mhoeger mhoeger mentioned this issue Dec 12, 2019
Merged
This was referenced Mar 7, 2020
Merged
Merged
Merged
@fabiocav
Copy link
Member

Closing as done.

@ghost ghost locked as resolved and limited conversation to collaborators Apr 17, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@mhoeger mhoeger

Labels
3.x area: out-of-proc
Projects
None yet
Milestone
Functions Sprint 71
Development

No branches or pull requests
3 participants
@brettsam @fabiocav @mhoeger