Skip to content

add(portal): new cookie attribute SameSite=Lax#653

Merged
ELDiablO59152 merged 1 commit into
release/2.35.4from
add_samesite_attribute
Apr 7, 2026
Merged

add(portal): new cookie attribute SameSite=Lax#653
ELDiablO59152 merged 1 commit into
release/2.35.4from
add_samesite_attribute

Conversation

@ELDiablO59152

@ELDiablO59152 ELDiablO59152 commented Feb 24, 2026

Copy link
Copy Markdown
Member

Added

  • [PORTAL] [IDP] New cookie attribute: SameSite=Lax

@ELDiablO59152 ELDiablO59152 self-assigned this Feb 24, 2026
@ELDiablO59152 ELDiablO59152 added the enhancement New feature or request label Feb 24, 2026
@ELDiablO59152 ELDiablO59152 force-pushed the add_samesite_attribute branch from 654f9e2 to 7792981 Compare March 11, 2026 11:23
ELDiablO59152
ELDiablO59152 commented Mar 11, 2026
View reviewed changes
Comment thread vulture_os/portal/views/responses.py
form_end = '</form>'
error_msg = error or ""

return render_to_response("portal_%s_html_registration.conf" % (str(application.template.id)),

@ELDiablO59152 ELDiablO59152 Mar 11, 2026

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is dead code anyway.

ELDiablO59152
ELDiablO59152 commented Mar 11, 2026
View reviewed changes
Comment thread vulture_os/portal/views/responses.py
form_end = '</form>'
error_msg = error or ""

return render_to_response("portal_%s_html_registration.conf" % (str(application.template.id)),

@ELDiablO59152 ELDiablO59152 Mar 11, 2026

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is dead code anyway.

ELDiablO59152
ELDiablO59152 commented Mar 11, 2026
View reviewed changes
Comment thread vulture_os/portal/views/logon.py
# Needed for Safari and mobiles support
response['Content-Length'] = 0
response.set_cookie(portal_cookie_name, portal_cookie, domain=split_domain(fqdn), httponly=True, secure=scheme=="https")
set_portal_cookie(response, portal_cookie_name, portal_cookie, f"{scheme}://{fqdn}")

@ELDiablO59152 ELDiablO59152 Mar 11, 2026

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Regression tested by :
https://github.com/VultureProject/vulture-gui/blob/779298154fd74854a67df80a624c0ddaf122c53c/vulture_os/portal/tests/test_authentication.py#L163-169
https://github.com/VultureProject/vulture-gui/pull/653/changes#diff-f8e09b9065d6532b96d8af13fcedf56272cef7b489a0e348a62d0e87d9b4bc42R163

ELDiablO59152
ELDiablO59152 commented Mar 11, 2026
View reviewed changes
Comment thread vulture_os/portal/system/authentications.py
response.set_cookie(portal_cookie_name, self.redis_portal_session.key,
domain=self.get_redirect_url_domain(), httponly=True,
secure=self.get_redirect_url().startswith('https'))
set_portal_cookie(response, portal_cookie_name, self.redis_portal_session.key, self.get_redirect_url())

@ELDiablO59152 ELDiablO59152 Mar 11, 2026

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Regression tested by :
https://github.com/VultureProject/vulture-gui/blob/779298154fd74854a67df80a624c0ddaf122c53c/vulture_os/portal/tests/test_authentication.py#L163-169
https://github.com/VultureProject/vulture-gui/pull/653/changes#diff-f8e09b9065d6532b96d8af13fcedf56272cef7b489a0e348a62d0e87d9b4bc42R163

@ELDiablO59152 ELDiablO59152 force-pushed the add_samesite_attribute branch from 7792981 to 4917f5b Compare March 27, 2026 16:22
@ELDiablO59152 ELDiablO59152 force-pushed the add_samesite_attribute branch from 4917f5b to 8d377e1 Compare March 27, 2026 16:27
@ELDiablO59152 ELDiablO59152 changed the base branch from dev to release/2.36.0 March 27, 2026 16:27
@ELDiablO59152 ELDiablO59152 changed the base branch from release/2.36.0 to release/2.35.4 April 7, 2026 07:26
@ELDiablO59152 ELDiablO59152 merged commit 3d7e433 into release/2.35.4 Apr 7, 2026
4 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@frikilax frikilax Awaiting requested review from frikilax

Assignees

@ELDiablO59152 ELDiablO59152

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ELDiablO59152