Re: Improving SameSite support

2020-07-08 Thread Rémy Maucherat
On Wed, Jul 8, 2020 at 8:55 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Rémy, > > On 7/8/20 11:47, Rémy Maucherat wrote: > > On Wed, Jul 8, 2020 at 5:10 PM Christopher Schultz > > > > >

Re: Improving SameSite support

2020-07-08 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 7/8/20 11:47, Rémy Maucherat wrote: > On Wed, Jul 8, 2020 at 5:10 PM Christopher Schultz > > wrote: > > Rémy, > > On 7/8/20 10:35, Rémy Maucherat wrote: >> On Wed, Jul 8, 2020 at 4:26 PM Christopher

Re: Improving SameSite support

2020-07-08 Thread Rémy Maucherat
On Wed, Jul 8, 2020 at 5:10 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Rémy, > > On 7/8/20 10:35, Rémy Maucherat wrote: > > On Wed, Jul 8, 2020 at 4:26 PM Christopher Schultz > > > >

Re: Improving SameSite support

2020-07-08 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 7/8/20 10:35, Rémy Maucherat wrote: > On Wed, Jul 8, 2020 at 4:26 PM Christopher Schultz > > wrote: > >>> Clearly, no, with multiple elements, the digester rules added >>> to ContextRuleSet would be

Re: Improving SameSite support

2020-07-08 Thread Rémy Maucherat
On Wed, Jul 8, 2020 at 4:26 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > >> Clearly, no, with multiple elements, the digester rules added to > >> ContextRuleSet would be something like (in addition to the > >> unchanged ones for CookieProcessor): > > > >

Re: Improving SameSite support

2020-07-08 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 7/8/20 10:20, Rémy Maucherat wrote: > On Wed, Jul 8, 2020 at 4:14 PM Christopher Schultz > > wrote: > > Rémy, > > On 7/8/20 04:16, Rémy Maucherat wrote: >> On Tue, Jul 7, 2020 at 4:26 PM Christopher

Re: Improving SameSite support

2020-07-08 Thread Rémy Maucherat
On Wed, Jul 8, 2020 at 4:14 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Rémy, > > On 7/8/20 04:16, Rémy Maucherat wrote: > > On Tue, Jul 7, 2020 at 4:26 PM Christopher Schultz > > > > >

Re: Improving SameSite support

2020-07-08 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 7/8/20 04:16, Rémy Maucherat wrote: > On Tue, Jul 7, 2020 at 4:26 PM Christopher Schultz > > wrote: > > Rémy, > > On 7/7/20 03:10, Rémy Maucherat wrote: >> On Mon, Jul 6, 2020 at 9:27 PM Christopher

Re: Improving SameSite support

2020-07-08 Thread Rémy Maucherat
On Tue, Jul 7, 2020 at 4:26 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Rémy, > > On 7/7/20 03:10, Rémy Maucherat wrote: > > On Mon, Jul 6, 2020 at 9:27 PM Christopher Schultz > > > > >

Re: Improving SameSite support

2020-07-07 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Rémy, On 7/7/20 03:10, Rémy Maucherat wrote: > On Mon, Jul 6, 2020 at 9:27 PM Christopher Schultz > > wrote: > > All, > > Jakarta EE 5.0 does not appear to include support for SameSite > cookies. Tomcat's

Re: Improving SameSite support

2020-07-07 Thread Rémy Maucherat
On Mon, Jul 6, 2020 at 9:27 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > All, > > Jakarta EE 5.0 does not appear to include support for SameSite > cookies. Tomcat's CookieProcessor allows an administrator to set the >

Improving SameSite support

2020-07-06 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, Jakarta EE 5.0 does not appear to include support for SameSite cookies. Tomcat's CookieProcessor allows an administrator to set the SameSite cookie policy, but it's a blanket policy. So for example, if you want a JSESSIONID cookie to be