fix(clerk-js): Set SameSite=Lax for db cookie, so that it can be read… #1638
Conversation
yourtallness
requested review from
SokratisVidros and
nikosdouvlis
as code owners
🦋 Changeset detectedLatest commit: 8ebb192 The changes in this PR will be included in the next version bump. This PR includes changesets to release 3 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
![jit-ci[bot]](https://avatars.githubusercontent.com/in/142441?s=60&v=4){kind=small}
| @@ -67,7 +67,7 @@ export const createCookieHandler = () => { | |||
|
|
|||
| const setDevBrowserCookie = (jwt: string) => { | |||
| const expires = addYears(Date.now(), 1); | |||
| const sameSite = 'Strict'; | |||
| const sameSite = 'Lax'; | |||
There was a problem hiding this comment.
@dimkl do you foresee any issues with e2e testing? My question is related to the changes we made about a month ago
There was a problem hiding this comment.
Since we are making it more loose, it will probably not cause any issue. We could test it against the clerkjs cypress starter to verify that we don't miss something.
There was a problem hiding this comment.
@nikosdouvlis @dimkl Tested with https://github.com/clerkinc/example-cypress-nextjs, worked OK.
yourtallness
force-pushed
the
mark/dsh-474-make-__clerk_db_jwt-cookie-samesitelax
branch
from
c586cad
to
70061e6
Compare
|
!snapshot |
|
Hey @yourtallness - the snapshot version command generated the following package versions:
Tip: use the snippet copy button below to quickly install the required packages. # @clerk/backend
npm i @clerk/backend@0.28.0-snapshot.70061e6# @clerk/chrome-extension
npm i @clerk/chrome-extension@0.3.27-snapshot.70061e6# @clerk/clerk-js
npm i @clerk/clerk-js@4.56.0-snapshot.70061e6# eslint-config-custom
npm i eslint-config-custom@0.3.0# @clerk/clerk-expo
npm i @clerk/clerk-expo@0.18.18-snapshot.70061e6# @clerk/fastify
npm i @clerk/fastify@0.6.4-snapshot.70061e6# gatsby-plugin-clerk
npm i gatsby-plugin-clerk@4.4.5-snapshot.70061e6# @clerk/localizations
npm i @clerk/localizations@1.25.0-snapshot.70061e6# @clerk/nextjs
npm i @clerk/nextjs@4.23.3-snapshot.70061e6# @clerk/clerk-react
npm i @clerk/clerk-react@4.24.0-snapshot.70061e6# @clerk/remix
npm i @clerk/remix@2.10.0-snapshot.70061e6# @clerk/clerk-sdk-node
npm i @clerk/clerk-sdk-node@4.12.3-snapshot.70061e6# @clerk/shared
npm i @clerk/shared@0.22.0-snapshot.70061e6# @clerk/themes
npm i @clerk/themes@1.7.5# @clerk/types
npm i @clerk/types@3.50.0-snapshot.70061e6 |
… from SSR after redirects
yourtallness
force-pushed
the
mark/dsh-474-make-__clerk_db_jwt-cookie-samesitelax
branch
from
70061e6
to
8ebb192
Compare
yourtallness
deleted the
mark/dsh-474-make-__clerk_db_jwt-cookie-samesitelax
branch
|
This PR has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
… from SSR after redirects
Type of change
Packages affected
@clerk/clerk-js@clerk/clerk-react@clerk/nextjs@clerk/remix@clerk/types@clerk/themes@clerk/localizations@clerk/clerk-expo@clerk/backend@clerk/clerk-sdk-node@clerk/shared@clerk/fastify@clerk/chrome-extensiongatsby-plugin-clerkbuild/tooling/choreDescription
npm testruns as expected.npm run buildruns as expected.WIP, works for new flows
Need to figure out the following: