Todo #15729

closed

Address dashboard session cookie warnings

Added by GChuf 6 about 1 month ago. Updated 4 days ago.

Status: Resolved
Priority: Normal
Assignee: -
Category: Web Interface
Target version:
Start date:
Due date:
% Done: 100%
Estimated time:
Plus Target Version: 24.11
Release Notes: Default

Description

PR: https://github.com/pfsense/pfsense/pull/4700

Firefox outputs warnings in the console about the cookies not having a samesite attribute, and that the attribute's value will be treated as "lax" if no changes are made.


Files

samesite.png (86.2 KB), GChuf 6, 09/16/2024 08:55 PM

Actions #1

Updated by GChuf 6 21 days ago

  • Status changed from Ready To Test to Feedback
  • % Done changed from 0 to 100
Actions #2

Updated by Christopher Cope 13 days ago

  • Status changed from Feedback to Confirmed

Tested on

24.11-ALPHA (amd64)
built on Fri Oct 11 19:54:00 UTC 2024
FreeBSD 15.0-CURRENT

Several of the errors are no longer present, but it seems there are still some that aren't fixed, such as:

Cookie “treegrid-disks-0” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite

Actions #3

Updated by GChuf 6 13 days ago

disks.widget.php has some additional cookie code that is causing the warning.
Since the cookies seem to be handled in auth.inc, I deleted some code from disks widget.
The warning has disappeared and the cookies look OK.

PR:
https://github.com/pfsense/pfsense/pull/4705

Actions #4

Updated by Marcos M 4 days ago

  • Subject changed from Add samesite attribute to session cookies to Address dashboard session cookie warnings
  • Status changed from Confirmed to Resolved
  • Target version set to 2.8.0
  • Plus Target Version set to 24.11

The treegrid cookies for the Disk and ZFS widgets have been removed. With the widget-specific cookies removed, treegrid keeps the collapse state between both page reloads and widget refreshes.
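
One way to re-check cookie strings after changes like the ones in this ticket, as an added example that is not part of the ticket or of pfSense's code: it classifies each cookie by its SameSite attribute in the terms the Firefox warning uses (missing or invalid value). Apart from the treegrid-disks-0 name, the sample cookie lines and all function names are constructed for illustration.

```javascript
// Added example (not pfSense code): audit cookie strings for the SameSite
// conditions named in the Firefox console warning quoted in this ticket.
const VALID_SAMESITE = new Set(["strict", "lax", "none"]);

// Split one Set-Cookie value into its name and a lower-cased attribute map.
function parseCookie(line) {
  const parts = line.split(";").map((p) => p.trim()).filter(Boolean);
  const first = parts.shift() || "";
  const eq = first.indexOf("=");
  const name = eq === -1 ? first : first.slice(0, eq);
  const attrs = new Map();
  for (const p of parts) {
    const i = p.indexOf("=");
    const key = (i === -1 ? p : p.slice(0, i)).trim().toLowerCase();
    attrs.set(key, i === -1 ? "" : p.slice(i + 1).trim());
  }
  return { name, attrs };
}

// finding is one of: "ok", "missing-samesite", "invalid-samesite",
// "none-without-secure" (SameSite=None is meant to be paired with Secure).
function auditSameSite(line) {
  const { name, attrs } = parseCookie(line);
  if (!attrs.has("samesite")) return { name, finding: "missing-samesite" };
  const value = attrs.get("samesite").toLowerCase();
  if (!VALID_SAMESITE.has(value)) return { name, finding: "invalid-samesite" };
  if (value === "none" && !attrs.has("secure")) {
    return { name, finding: "none-without-secure" };
  }
  return { name, finding: "ok" };
}

// Return only the cookies a reviewer needs to look at.
function auditAll(lines) {
  return lines.map(auditSameSite).filter((r) => r.finding !== "ok");
}

// Constructed sample input; only the treegrid-disks-0 name comes from the ticket.
const SAMPLE = [
  "example-session=abc123; path=/; secure; HttpOnly; SameSite=Strict",
  "treegrid-disks-0=1; path=/",
  "example-pref=1; path=/; SameSite=Yes",
  "example-embed=1; path=/; SameSite=None",
];

for (const r of auditAll(SAMPLE)) console.log(`${r.name}: ${r.finding}`);
```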
