Susheel Gupta created YARN-11661:
------------------------------------
Summary: Adding new property to configure the "SameSite" cookie
attribute on YARN UI
Key: YARN-11661
URL: https://issues.apache.org/jira/browse/YARN-11661
Project: Hadoop YARN
Issue Type: Improvement
Components: yarn
Reporter: Susheel Gupta
If we use 'SameSite=Strict,' the browser would only send the cookie for
same-site requests, rendering cross-site sessions ineffective.
However, it’s worth noting that while using SameSite=None with TLS does enhance
the security of your cookies compared to using it without TLS, it doesn’t
provide complete security. Nevertheless, considering the necessity for
cross-site sessions, utilizing SameSite=None along with TLS can provide a
reasonable level of security.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-dev-h...@hadoop.apache.org
