Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rpc http cookie behavior on V3 #5331

Merged
merged 6 commits into from
Dec 5, 2019
Merged

Rpc http cookie behavior on V3 #5331

merged 6 commits into from
Dec 5, 2019

Conversation

mhoeger
Copy link
Contributor

@mhoeger mhoeger commented Dec 4, 2019

Prevents break but doesn't take full advantage of "samesite=none"

Complete fix here:
Azure/azure-functions-nodejs-worker#270

Addresses:
#4890

@mhoeger mhoeger requested review from brettsam and fabiocav December 4, 2019 03:36
fabiocav
fabiocav reviewed Dec 5, 2019
View reviewed changes
test/WebJobs.Script.Tests/Binding/ActionResults/RawScriptResultTests.cs Outdated
}),
new Tuple<string, string, CookieOptions>("secondCookie", "cookieValue2", new CookieOptions()
{
Path = "/",
HttpOnly = true,
MaxAge = TimeSpan.FromSeconds(20)
MaxAge = TimeSpan.FromSeconds(20),
SameSite = (SameSiteMode)(-1)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should be able to use the new enum value here instead (you may need to add an explicit reference to the package here)

@brettsam, we may need to go over the projects to make sure we're building against the right versions.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We were trying to not update Script to use anything from 2.0, if I recall. Only WebHost moved forward.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was there a good reason for that? It will lead to behavior like this where we're building against an incorrect API

@mhoeger mhoeger merged commit f26fb17 into Azure:v3.x Dec 5, 2019
fabiocav pushed a commit that referenced this pull request Apr 22, 2020
@mhoeger @fabiocav
Rpc http cookie behavior on V3 (#5331)
145d8cd 
* change default to Unspecified

* by default, an unspecified SameSite value shouldn't be added

* use enum

* update test to be more accurate

* Add explicit reference to .NET core 3.1 for http features

* update reference
yojagad pushed a commit that referenced this pull request Apr 22, 2020
@mhoeger @yojagad
Rpc http cookie behavior on V3 (#5331)
88e523e 
* change default to Unspecified

* by default, an unspecified SameSite value shouldn't be added

* use enum

* update test to be more accurate

* Add explicit reference to .NET core 3.1 for http features

* update reference
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fabiocav fabiocav fabiocav approved these changes

@brettsam brettsam Awaiting requested review from brettsam

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mhoeger @brettsam @fabiocav