[Koha-bugs] [Bug 33259] New: Optionally set SameSite attribute of cookie to Strict
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Mar 17 03:29:39 CET 2023
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33259
Bug ID: 33259
Summary: Optionally set SameSite attribute of cookie to Strict
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: aleisha at catalyst.net.nz
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
We should offer a system preference so that libraries who'd like to increase
their security can set the SameSite attribute of the session cookie to Strict,
rather than the default Lax.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list