Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issues with SameSite origin on Firefox #128

Open
G0x209C opened this issue Jan 31, 2022 · 2 comments
Open

Issues with SameSite origin on Firefox #128

G0x209C opened this issue Jan 31, 2022 · 2 comments

Comments

@G0x209C
Copy link

G0x209C commented Jan 31, 2022

Because the socket session id is set as a SameSite None cookie without secure, it gets removed by Firefox.

This means this entire library does not work with current versions of Firefox when the frontend client is hosted separately from the backend sails.js framework.

Pls fix this..
Issue
@G0x209C
Copy link
Author

G0x209C commented Jan 31, 2022
edited

After thoroughly debugging and going through the codebase I figured out this has to do with the sails framework configuration. A headache and 3 cups of coffee later:
Set in config/session.js
{ cookie:{ secure: true } }

@G0x209C G0x209C closed this as completed Jan 31, 2022
@G0x209C
Copy link
Author

G0x209C commented Jan 31, 2022

However, another issue springs from this..
During development this could prevent you from user-testing your code in both FireFox and Safari as the SameSite secure:false setting leads to instant deletion of the session id cookie instantly.

@G0x209C G0x209C reopened this Jan 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@G0x209C