traefik-forward-auth icon indicating copy to clipboard operation
traefik-forward-auth copied to clipboard

Published 20 hours ago verified publisher icon thomseddon

Add SameSite option

Open heralight opened this issue 4 years ago • 2 comments
trafficstars

Related to https://github.com/thomseddon/traefik-forward-auth/pull/95

Add the possibility to set le SameSite cookie flag.

heralight avatar Jul 02 '21 04:07 heralight

Hi, I'd really appreciate if this could be merged: It would solve the issues we have when trying to embedd a page authenticated over these means as an iframe into e.g. confluence or sharepoint! @heralight : Do you have a public docker image with "your" build of this that I could use in the meantime?

jmichler avatar Nov 15 '21 10:11 jmichler

Not sure if this is related: even with the fix from the PR it is only working to embedd a page protected over this tool as an IFrame if at least once before the user has accessed the page standalone and has a current session with the IDP established. If not the flow tries to redirect to login.microsoftonline and that page denies to be shown in an iframe.

  1. has anyone managed to solve this?
  2. I think this application has no real chance to solve this? Since before redirecting to the Microsoft oauth endpoint it does not know if a login is required? And this can not go for the workaround to open the login page as a pop-up? see https://docs.microsoft.com/en-us/answers/questions/387682/loginmicrosoftonline-refused-to-connect-from-ifram.html

jmichler avatar Nov 17 '21 21:11 jmichler