Robert Boyd III
Robert Boyd III
Looks like the fix has been merged upstream, so once there's a new release, in theory, all we'll need to do is bump the version in `composer.json`. Edit: waiting on...
> I'm thinking we can go ahead and merge this so the feature gets out there, then we can create a new issue for the UFIXIT. I am happy to...
This issue should be pretty easy to address. Whoever ends up taking this should look at `src/Controller/FileItemsController.php` and `src/Services/LmsPostService.php`. The issue is that `FileItemsController` doesn't check to see if the...
I now get the same issue in Firefox 96.0.1 on the dev branch. Chrome seems to work for now
Firefox 96 changelog has this: > Firefox will now default all cookies to having a SameSite=lax attribute which helps defend against Cross-Site Request Forgery (CSRF) attacks. and I do get...
``` Some cookies are misusing the “SameSite“ attribute, so it won’t work as expected 6 Cookie “_csrf_token” has “SameSite” policy set to “Lax” because it is missing a “SameSite” attribute,...
@cidilabs
I don't believe I'm using any special configuration. I also realized that those warnings happen just in regular canvas, so this is probably not related to this issue.
Version info: confirmed working on Firefox 95.0.2, confirmed not working on Firefox 96.0.1
Working in Firefox 96.0.1 with POST variables as follows: ``` iss | "https://canvas.instructure.com" login_hint | client_id | "10000000000014" target_link_uri | "/dashboard" lti_message_hint | canvas_region | "not_configured" ```