Specify SameSite attribute in Server UI to lax

Assignee

Kamil Kočí

Reporter

Branislav Repcek

Labels

GreenSAMLrelease-notessecurity

Sprint

None

Description

Review our usage of SameSite attribute in Server UI and ensure that we set it to reasonable value (currently we use the default which is “none”). Review the linked issues and ensure that our implementation does not break SAML or any other feature.

Steps to reproduce

None

Linked issues

relates to

CLO-29292

SAML does not redirect to the original URL

Activity

Kamil Kočí December 20, 2024 at 10:29 AM

Fix the issue with login from the designer, please retest this.

Kamil Kočí December 16, 2024 at 12:21 PM

Please test the following:

Ensure that all cookies are set to SameSite=Lax.
Verify that the redirect after login works correctly when using SSO.
Confirm that other cookies, such as those controlling the expansion/collapse of menus, function properly.

Fixed

Details
Time tracking
1d 6h 15m logged
Priority
Blocker
Fix versions
rel-7-0-0
Zendesk ticket
217938
QA Testing
UNDECIDED

Created July 29, 2024 at 8:22 AM

Updated last month

Resolved December 20, 2024 at 2:35 PM

Configure

Specify SameSite attribute in Server UI to lax

Assignee

Reporter

Labels

Sprint

Description

Steps to reproduce

Linked issues

relates to

Activity

Kamil Kočí December 20, 2024 at 10:29 AM

Kamil Kočí December 16, 2024 at 12:21 PM

DetailsTime tracking1d 6h 15m loggedPriorityBlockerFix versionsrel-7-0-0Zendesk ticket217938QA TestingUNDECIDED

Details

Time tracking

Priority

Fix versions

Zendesk ticket

QA Testing

Details
Time tracking
1d 6h 15m logged
Priority
Blocker
Fix versions
rel-7-0-0
Zendesk ticket
217938
QA Testing
UNDECIDED