[
https://issues.apache.org/jira/browse/OFBIZ-10427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16658930#comment-16658930 ]
Jacques Le Roux edited comment on OFBIZ-10427 at 10/22/18 2:36 PM:
-------------------------------------------------------------------
Hi Girish,
You mentionned "SameSite cookie" at
https://markmail.org/message/lafktxeiedp5papb. I actually already gave it a try with OFBIZ-9865 but decided to revert because of side effects.
I'm not sure this will be needed once we will have a nonce associate with each request (I'm still working on it). Despite I want to note here that I put this comment then in r1812540
bq. // TODO maybe one day the ServletContext will allow to do that, then better in WebAppServletContextListener
was (Author: jacques.le.roux):
Hi Girish,
You mentionned "SameSite cookie" at
https://markmail.org/message/lafktxeiedp5papb. I actually already gave it a try with OFBIZ-9865 but decide to to revert because of side effects.
I'm not sure this will be needed once we will have a nonce associate with each request (I'm still working on it). Despite I want to note here that I put this comment then in r1812540
bq. // TODO maybe one day the ServletContext will allow to do that, then better in WebAppServletContextListener
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
Locked
