Improve compatibility with Chromium-based browsers
Since commit [1] mellon changed the default behavior
of cross-site cookies by allowing all if unset.
Some IDP providers use cross-site cookies to
authenticate. Chromium-based browsers reject insecure
cross-site cookies.
Adding config option to optioanlly enable
Secure HTTPS cookies so it can work with
Chromium-based browsers as long as the
IDP connection is HTTPS.
Reviewed: https:/ /review. opendev. org/c/openstack /charm- keystone- saml-mellon/ +/921472 /opendev. org/openstack/ charm-keystone- saml-mellon/ commit/ 8c973aaed370e37 e38a57b9566bb83 ffc7b80656
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 8c973aaed370e37 e38a57b9566bb83 ffc7b80656
Author: Rodrigo Barbieri <email address hidden>
Date: Thu Jun 6 13:09:14 2024 -0300
Improve compatibility with Chromium-based browsers
Since commit [1] mellon changed the default behavior
of cross-site cookies by allowing all if unset.
Some IDP providers use cross-site cookies to
authenticate. Chromium-based browsers reject insecure
cross-site cookies.
Adding config option to optioanlly enable
Secure HTTPS cookies so it can work with
Chromium-based browsers as long as the
IDP connection is HTTPS.
[1] https:/ /github. com/latchset/ mod_auth_ mellon/ commit/ 5a629a1
Closes-bug: #2068654 b599b446cc72ce3 c6adac74e08
Change-Id: Ied65c3dc87e3eb