bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-30 07:03:42 +00:00
Code Issues Releases Wiki Activity

only use Secure cookies if on a https connection (#4472)

Browse Source
This commit is contained in:
Jake Fink
2024-07-09 08:51:56 -04:00
committed by GitHub
parent 1525c10bfb
commit d85fbf9f01
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Identity/Startup.cs
View File

@@ -108,6 +108,10 @@ public class Startup
options.SaveTokens = false;
options.GetClaimsFromUserInfoEndpoint = true;
// Some browsers (safari) won't allow Secure cookies to be set on a http connection
options.CorrelationCookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
options.NonceCookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
options.Events = new Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectEvents
{
OnRedirectToIdentityProvider = context =>