mahara-contributors team mailing list archive

Thread
Date

[Bug 1926370] Re: More flexibility in Cookie settings

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Kristina Hoeppner <1926370@xxxxxxxxxxxxxxxxxx>
Date: Sat, 17 Jul 2021 05:33:44 -0000
Reply-to: Bug 1926370 <1926370@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: mahara
    Milestone: 21.10.0 => None

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: mahara-contributors
https://bugs.launchpad.net/bugs/1926370

Title:
  More flexibility in Cookie settings

Status in Mahara:
  Triaged

Bug description:
  This is a wishlist item...

  We are currently loading some output from Mahara in a thirdparty
  iframe and we have issues with cookies being readable in that
  scenario.  To get around this we are modifying the 'setcookie()' call
  in the 'clear_duplicate_cookies()' function in the
  'htdocs/auth/session.php' file.

  We are adding "; SameSite=None" to the path and hard coding the secure
  parameter to be true.

  The proposal is to extend the '$SESSION' allowing these to be
  programatically set and checked for in the 'clear_duplicate_cookies()'
  function.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1926370/+subscriptions