Improve compatibility with Chromium-based browsers
Since commit [1] mellon changed the default behavior
of cross-site cookies by allowing all if unset.
Some IDP providers use cross-site cookies to
authenticate. Chromium-based browsers reject insecure
cross-site cookies.
Adding config option to optioanlly enable
Secure HTTPS cookies so it can work with
Chromium-based browsers as long as the
IDP connection is HTTPS.
Reviewed: https:/ /review. opendev. org/c/openstack /charm- keystone- saml-mellon/ +/922495 /opendev. org/openstack/ charm-keystone- saml-mellon/ commit/ ffcb4348ef47c70 934b58f2f34f058 c5e7ae29f0
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/2024.1
commit ffcb4348ef47c70 934b58f2f34f058 c5e7ae29f0
Author: Rodrigo Barbieri <email address hidden>
Date: Thu Jun 6 13:09:14 2024 -0300
Improve compatibility with Chromium-based browsers
Since commit [1] mellon changed the default behavior
of cross-site cookies by allowing all if unset.
Some IDP providers use cross-site cookies to
authenticate. Chromium-based browsers reject insecure
cross-site cookies.
Adding config option to optioanlly enable
Secure HTTPS cookies so it can work with
Chromium-based browsers as long as the
IDP connection is HTTPS.
[1] https:/ /github. com/latchset/ mod_auth_ mellon/ commit/ 5a629a1
Closes-bug: #2068654 b599b446cc72ce3 c6adac74e08 e38a57b9566bb83 ffc7b80656)
Change-Id: Ied65c3dc87e3eb
(cherry picked from commit 8c973aaed370e37