Add sameSite parameter (#2069)
parent
0408ce80b8
commit
f3f97ccb80
|
@ -259,6 +259,7 @@ sub defaultValues {
|
|||
'rest2fActivation' => 0,
|
||||
'restAuthnLevel' => 2,
|
||||
'restClockTolerance' => 15,
|
||||
'sameSite' => 'Lax',
|
||||
'samlAttributeAuthorityDescriptorAttributeServiceSOAP' =>
|
||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;',
|
||||
'samlAuthnContextMapKerberos' => 4,
|
||||
|
|
|
@ -2801,6 +2801,23 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'restUserDBUrl' => {
|
||||
'type' => 'url'
|
||||
},
|
||||
'sameSite' => {
|
||||
'default' => 'Lax',
|
||||
'select' => [ {
|
||||
'k' => 'Strict',
|
||||
'v' => 'Strict'
|
||||
},
|
||||
{
|
||||
'k' => 'Lax',
|
||||
'v' => 'Lax'
|
||||
},
|
||||
{
|
||||
'k' => 'None',
|
||||
'v' => 'None'
|
||||
}
|
||||
],
|
||||
'type' => 'select'
|
||||
},
|
||||
'samlAttributeAuthorityDescriptorAttributeServiceSOAP' => {
|
||||
'default' =>
|
||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;',
|
||||
|
|
|
@ -1076,6 +1076,17 @@ sub attributes {
|
|||
documentation => 'Cookie securisation method',
|
||||
flags => 'hp',
|
||||
},
|
||||
sameSite => {
|
||||
type => 'select',
|
||||
select => [
|
||||
{ k => 'Strict', v => 'Strict' },
|
||||
{ k => 'Lax', v => 'Lax' },
|
||||
{ k => 'None', v => 'None' },
|
||||
],
|
||||
default => 'Lax',
|
||||
documentation => 'Cookie SameSite value',
|
||||
flags => 'hp',
|
||||
},
|
||||
|
||||
# Viewer
|
||||
viewerHiddenKeys => {
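Review bot: The `None` entry in the `sameSite` select is offered with no hint that browsers only accept `SameSite=None` on cookies that also carry `Secure`, so selecting it on a portal whose cookie is not secured would likely leave the session cookie rejected. A comment above the entry would help, for example `# 'None' is only honoured by browsers when the cookie is also Secure (see securedCookie)`, and the `documentation` string could say the same. Nothing in the visible part of the `cookie` hunk pairs the two settings either, so a configuration test or a warning there may be worth adding. `attributes` starts and ends outside this hunk.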
|
||||
|
|
|
@ -526,7 +526,8 @@ sub tree {
|
|||
nodes => [
|
||||
'cookieName', '*domain',
|
||||
'cda', 'securedCookie',
|
||||
'httpOnly', 'cookieExpiration'
|
||||
'httpOnly', 'cookieExpiration',
|
||||
'sameSite',
|
||||
]
|
||||
},
|
||||
{
|
||||
|
|
|
@ -793,6 +793,7 @@
|
|||
"rules":"القواعد",
|
||||
"rulesAuthnLevel":"Required auth levels",
|
||||
"Same":"نفسه",
|
||||
"sameSite":"Cookie SameSite value",
|
||||
"save":"حفظ",
|
||||
"saveReport":"احفظ التقرير",
|
||||
"savingConfirmation":"حفظ التأكيد",
|
||||
|
|
|
@ -793,6 +793,7 @@
|
|||
"rules":"Regeln",
|
||||
"rulesAuthnLevel":"Required auth levels",
|
||||
"Same":"Same",
|
||||
"sameSite":"Cookie SameSite value",
|
||||
"save":"Save",
|
||||
"saveReport":"Save report",
|
||||
"savingConfirmation":"Saving confirmation",
|
||||
|
|
|
@ -793,6 +793,7 @@
|
|||
"rules":"Rules",
|
||||
"rulesAuthnLevel":"Required auth levels",
|
||||
"Same":"Same",
|
||||
"sameSite":"Cookie SameSite value",
|
||||
"save":"Save",
|
||||
"saveReport":"Save report",
|
||||
"savingConfirmation":"Saving confirmation",
|
||||
|
|
|
@ -793,6 +793,7 @@
|
|||
"rules":"Règles",
|
||||
"rulesAuthnLevel":"Niveaux auth requis",
|
||||
"Same":"Identique",
|
||||
"sameSite":"Valeur SameSite du cookie",
|
||||
"save":"Sauver",
|
||||
"saveReport":"Rapport de sauvegarde",
|
||||
"savingConfirmation":"Confirmation de sauvegarde",
|
||||
|
|
|
@ -793,6 +793,7 @@
|
|||
"rules":"Regole",
|
||||
"rulesAuthnLevel":"Required auth levels",
|
||||
"Same":"Stesso",
|
||||
"sameSite":"Cookie SameSite value",
|
||||
"save":"Salva",
|
||||
"saveReport":"Salva report",
|
||||
"savingConfirmation":"Salvataggio della conferma",
|
||||
|
|
|
@ -793,6 +793,7 @@
|
|||
"rules":"Kurallar",
|
||||
"rulesAuthnLevel":"Gereken doğrulama seviyeleri",
|
||||
"Same":"Aynı",
|
||||
"sameSite":"Cookie SameSite value",
|
||||
"save":"Kaydet",
|
||||
"saveReport":"Raporu kaydet",
|
||||
"savingConfirmation":"Doğrulama kaydediliyor",
|
||||
|
|
|
@ -793,6 +793,7 @@
|
|||
"rules":"Quy tắc",
|
||||
"rulesAuthnLevel":"Required auth levels",
|
||||
"Same":"Tương tự",
|
||||
"sameSite":"Cookie SameSite value",
|
||||
"save":"Lưu",
|
||||
"saveReport":"Lưu báo cáo",
|
||||
"savingConfirmation":"Lưu xác nhận",
|
||||
|
|
|
@ -793,6 +793,7 @@
|
|||
"rules":"Rules",
|
||||
"rulesAuthnLevel":"Required auth levels",
|
||||
"Same":"Same",
|
||||
"sameSite":"Cookie SameSite value",
|
||||
"save":"Save",
|
||||
"saveReport":"Save report",
|
||||
"savingConfirmation":"Saving confirmation",
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -756,7 +756,8 @@ sub cookie {
|
|||
$h{HttpOnly} //= $self->conf->{httpOnly};
|
||||
$h{max_age} //= $self->conf->{cookieExpiration}
|
||||
if ( $self->conf->{cookieExpiration} );
|
||||
foreach (qw(domain path expires max_age HttpOnly)) {
|
||||
$h{SameSite} ||= $self->conf->{sameSite};
|
||||
foreach (qw(domain path expires max_age HttpOnly SameSite)) {
|
||||
my $f = $_;
|
||||
$f =~ s/_/-/g;
|
||||
push @res, "$f=$h{$_}" if ( $h{$_} );
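Review bot: The new default uses `||=` while the two defaults just above it use `//=`, so a caller that passes an empty or `0` `SameSite` to leave the attribute off gets the configured value back instead. If that is not intended, `$h{SameSite} //= $self->conf->{sameSite};` matches its neighbours, and the existing `if ( $h{$_} )` test still skips an empty value. The value is also written into the header unchanged, so a caller-supplied string other than Strict, Lax or None is emitted as-is; a one-line check against those three tokens before the loop would keep the header well-formed. The body of `cookie` starts and ends outside the hunk.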
|
||||
|
|