thebigh2014 edited a comment on issue #1562: Provide configuration option 
enforcing AuthSession cookies' "Secure" attribute in couch_httpd_auth
URL: https://github.com/apache/couchdb/issues/1562#issuecomment-604192825
 
 
   The project I'm working on is being affected by the enforcement of 
SameSite=none and Secure being needed for _session cookies.  While Couchdb 3 
(which we will be trying out soon) does add the SameSite attribute, the Secure 
attribute is still missing since we are using a reverse proxy to securely 
access our databases (as direct SSL is unreliable).  Could this please be 
addressed as it would be difficult to reliably intercept responses on our proxy 
and alter the cookie header manually.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

Reply via email to