[Koha-bugs] [Bug 33259] Optionally set SameSite attribute of cookie to Strict
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Mar 12 01:28:17 CET 2024
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33259
--- Comment #56 from David Cook <dcook at prosentient.com.au> ---
Oh good. Chrome and Firefox appear to work differently.
In Chrome, if you login to Keycloak first, and then do that
Koha->Keycloak->Koha redirect you're fine.
In Firefox, if you login to Keycloak first, and then do that
Koha->Keycloak->Koha redirect, you still will get an error.
Of course, you should only be clicking "Login with Keycloak" from an anonymous
session, which takes me back to that thing about the anonymous session not
being Strict even when authenticated cookies are Strict.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list