Improve compatibility with Chromium-based browsers
Since commit [1] mellon changed the default behavior
of cross-site cookies by allowing all if unset.
Some IDP providers use cross-site cookies to
authenticate. Chromium-based browsers reject insecure
cross-site cookies.
Adding config option to optioanlly enable
Secure HTTPS cookies so it can work with
Chromium-based browsers as long as the
IDP connection is HTTPS.
Reviewed: https:/ /review. opendev. org/c/openstack /charm- keystone- saml-mellon/ +/922633 /opendev. org/openstack/ charm-keystone- saml-mellon/ commit/ 28207fa4f244dd4 d02e33e8d858e62 95308175da
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/2023.2
commit 28207fa4f244dd4 d02e33e8d858e62 95308175da
Author: Rodrigo Barbieri <email address hidden>
Date: Thu Jun 6 13:09:14 2024 -0300
Improve compatibility with Chromium-based browsers
Since commit [1] mellon changed the default behavior
of cross-site cookies by allowing all if unset.
Some IDP providers use cross-site cookies to
authenticate. Chromium-based browsers reject insecure
cross-site cookies.
Adding config option to optioanlly enable
Secure HTTPS cookies so it can work with
Chromium-based browsers as long as the
IDP connection is HTTPS.
[1] https:/ /github. com/latchset/ mod_auth_ mellon/ commit/ 5a629a1
Closes-bug: #2068654 b599b446cc72ce3 c6adac74e08 e38a57b9566bb83 ffc7b80656) 934b58f2f34f058 c5e7ae29f0)
Change-Id: Ied65c3dc87e3eb
(cherry picked from commit 8c973aaed370e37
(cherry picked from commit ffcb4348ef47c70