Improve compatibility with Chromium-based browsers
Since commit [1] mellon changed the default behavior
of cross-site cookies by allowing all if unset.
Some IDP providers use cross-site cookies to
authenticate. Chromium-based browsers reject insecure
cross-site cookies.
Adding config option to optioanlly enable
Secure HTTPS cookies so it can work with
Chromium-based browsers as long as the
IDP connection is HTTPS.
Reviewed: https:/ /review. opendev. org/c/openstack /charm- keystone- saml-mellon/ +/924154 /opendev. org/openstack/ charm-keystone- saml-mellon/ commit/ 5a73e226550f175 6eb4ee0d6bd0a3a 61d8073842
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/yoga
commit 5a73e226550f175 6eb4ee0d6bd0a3a 61d8073842
Author: Rodrigo Barbieri <email address hidden>
Date: Thu Jun 6 13:09:14 2024 -0300
Improve compatibility with Chromium-based browsers
Since commit [1] mellon changed the default behavior
of cross-site cookies by allowing all if unset.
Some IDP providers use cross-site cookies to
authenticate. Chromium-based browsers reject insecure
cross-site cookies.
Adding config option to optioanlly enable
Secure HTTPS cookies so it can work with
Chromium-based browsers as long as the
IDP connection is HTTPS.
[1] https:/ /github. com/latchset/ mod_auth_ mellon/ commit/ 5a629a1
Closes-bug: #2068654 b599b446cc72ce3 c6adac74e08 e38a57b9566bb83 ffc7b80656) 934b58f2f34f058 c5e7ae29f0) d02e33e8d858e62 95308175da) 2f59ad711e28cb9 205e336249) a5429cde8ee6869 1254aa6639)
Change-Id: Ied65c3dc87e3eb
(cherry picked from commit 8c973aaed370e37
(cherry picked from commit ffcb4348ef47c70
(cherry picked from commit 28207fa4f244dd4
(cherry picked from commit 35646986a284a34
(cherry picked from commit 0e2386f35db451d