Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[3.1] Re-implement SameSite for 2019 #13776

Merged
merged 5 commits into from
Oct 1, 2019
Merged

[3.1] Re-implement SameSite for 2019 #13776

merged 5 commits into from
Oct 1, 2019

Conversation

Tratcher
Copy link
Member

@Tratcher Tratcher commented Sep 6, 2019
edited
Loading

@blowdart #12125

Cherry picked from 2.1 (#13746) and updated with new enum values for Unspecified.

@Tratcher Tratcher self-assigned this Sep 6, 2019
@Tratcher Tratcher changed the title Re-implement SameSite for 2019 [3.1] Re-implement SameSite for 2019 Sep 6, 2019
@blowdart
Copy link
Contributor

blowdart commented Sep 6, 2019

Feels breaking. What's the effect on Cookie Policy here? Shouldn't the underlying cookie quirks be enough?

@Tratcher
Copy link
Member Author

Tratcher commented Sep 9, 2019

CookiePolicy also has to account for the new level of "None" vs "Unspecified". I didn't add quirks at the CookiePolicy layer because you're right, that's handled at the SetCookieHeaderValue layer.

@Tratcher Tratcher requested a review from HaoK September 9, 2019 21:04
@Tratcher
Copy link
Member Author

Added more quirks for CookiePolicy, etc..

@analogrelay analogrelay added this to the 3.1.0-preview1 milestone Sep 17, 2019
@Tratcher Tratcher marked this pull request as ready for review September 27, 2019 17:21
@Tratcher Tratcher force-pushed the tratcher/3.1/samesite branch from b3cb06a to 3e34315 Compare September 27, 2019 17:26
@Tratcher Tratcher force-pushed the tratcher/3.1/samesite branch from 3e34315 to 4462a0a Compare October 1, 2019 15:21
@Tratcher Tratcher changed the base branch from release/3.1 to release/3.1-preview1 October 1, 2019 15:21
@Tratcher
Copy link
Member Author

Tratcher commented Oct 1, 2019

@aspnet-hello triage https://dev.azure.com/dnceng/public/_build/results?buildId=372045

@Tratcher
Copy link
Member Author

Tratcher commented Oct 1, 2019

@anurse this is ready to merge.

@aspnet-hello
Copy link

This comment was made automatically. If there is a problem contact aspnetcore-build@microsoft.com.

I've triaged the above build. I've created/commented on the following issue(s)
https://github.com/aspnet/AspNetCore-Internal/issues/3173
https://github.com/aspnet/AspNetCore-Internal/issues/2742

@analogrelay analogrelay merged commit 0a1e208 into release/3.1-preview1 Oct 1, 2019
@analogrelay analogrelay deleted the tratcher/3.1/samesite branch October 1, 2019 23:05
Tratcher
Tratcher commented Oct 3, 2019
View reviewed changes
src/Security/Authentication/OpenIdConnect/samples/OpenIdConnectSample/Startup.cs
{
if (options.SameSite > SameSiteMode.Unspecified)
{
var userAgent = httpContext.Request.Headers["User-Agent"];
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

var userAgent = httpContext.Request.Headers["User-Agent"].ToString();

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you need to make this change in the preview1 build?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, it's just a sample, I've corrected it elsewhere. I just wanted to mark the typo so I'd remember it.

@Tratcher Tratcher mentioned this pull request Oct 4, 2019
Closed
@amcasey amcasey added area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions and removed area-runtime labels Aug 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@HaoK HaoK HaoK approved these changes

@analogrelay analogrelay Awaiting requested review from analogrelay

@jkotalik jkotalik Awaiting requested review from jkotalik

Assignees

@Tratcher Tratcher

Labels
area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions
Projects
None yet
Milestone
3.1.0-preview1
Development

Successfully merging this pull request may close these issues.
7 participants
@Tratcher @blowdart @aspnet-hello @analogrelay @HaoK @Pilchie @amcasey