Skip to content

[3.0 patch] Re-implement SameSite for 2019 #13870

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Oct 9, 2019
Merged

[3.0 patch] Re-implement SameSite for 2019 #13870

merged 6 commits into from
Oct 9, 2019

Conversation

Tratcher
Copy link
Member

@Tratcher Tratcher commented Sep 10, 2019
edited
Loading

Cherry pick of #13858 but expanded to account for the 3.0 defaults change from Lax to None. This preserves the old behavior of None for most components using a default value by witching them to -1 (Unspecified). E.g. new CookieOptions() excludes samesite like before unless you explicitly set it.

@Tratcher Tratcher requested a review from HaoK September 10, 2019 20:38
@Tratcher Tratcher self-assigned this Sep 10, 2019
@Tratcher Tratcher mentioned this pull request Sep 10, 2019
Merged
@HaoK
Copy link
Member

HaoK commented Sep 10, 2019

Yeah definitely should go with a less specific namespace if we are using it in 3 places now Microsoft.AspNetCore.SuppressSameSiteNone seems fine

@analogrelay analogrelay added the Servicing-consider Shiproom approval is required for the issue label Sep 17, 2019
@analogrelay analogrelay added this to the 3.0.x milestone Sep 17, 2019
@analogrelay analogrelay removed the Servicing-consider Shiproom approval is required for the issue label Sep 17, 2019
@Tratcher Tratcher added the Servicing-consider Shiproom approval is required for the issue label Sep 30, 2019
@Tratcher Tratcher force-pushed the tratcher/3.0/samesite branch from 973708d to e243b2b Compare October 2, 2019 23:20
@Tratcher
Copy link
Member Author

Tratcher commented Oct 3, 2019

@aspnet-hello triage https://dev.azure.com/dnceng/public/_build/results?buildId=374762&view=ms.vss-test-web.build-test-results-tab&runId=11472346&resultId=116327&paneView=debug

@Tratcher
Copy link
Member Author

Tratcher commented Oct 3, 2019
edited
Loading

This branch has been updated to be in sync with the others.

Outstanding items:

  • Confirm if there is or is not going to be a October patch, and when the branch really opens for November.
  • PatchConfig.props.
    • Microsoft.Net.Http.Headers
    • Microsoft.AspNetCore.Http.Abstractions
    • Microsoft.AspNetCore.Http.Features
    • Microsoft.AspNetCore.CookiePolicy

@aspnet-hello
Copy link

This comment was made automatically. If there is a problem contact [email protected].

I've triaged the above build. I've created/commented on the following issue(s)
https://github.com/aspnet/AspNetCore-Internal/issues/3156
https://github.com/aspnet/AspNetCore-Internal/issues/2617

@Tratcher Tratcher mentioned this pull request Oct 3, 2019
Merged
@vivmishra vivmishra modified the milestones: 3.0.x, 3.0.2 Oct 4, 2019
@vivmishra vivmishra added Servicing-approved Shiproom has approved the issue and removed Servicing-consider Shiproom approval is required for the issue labels Oct 4, 2019
@Tratcher Tratcher force-pushed the tratcher/3.0/samesite branch from e243b2b to cd258cf Compare October 8, 2019 21:57
@Tratcher Tratcher marked this pull request as ready for review October 9, 2019 18:48
@Tratcher Tratcher requested review from analogrelay, jkotalik and a team as code owners October 9, 2019 18:48
@Tratcher Tratcher modified the milestones: 3.0.2, 3.0.1 Oct 9, 2019
@analogrelay analogrelay merged commit c0a7f04 into release/3.0 Oct 9, 2019
@analogrelay analogrelay deleted the tratcher/3.0/samesite branch October 9, 2019 21:19
@Tratcher Tratcher mentioned this pull request Nov 5, 2019
Closed
@amcasey amcasey added area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions and removed area-runtime labels Aug 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@HaoK HaoK HaoK approved these changes

@analogrelay analogrelay Awaiting requested review from analogrelay

@jkotalik jkotalik Awaiting requested review from jkotalik

Assignees

@Tratcher Tratcher

Labels
area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions Servicing-approved Shiproom has approved the issue
Projects
None yet
Milestone
3.0.1
Development

Successfully merging this pull request may close these issues.
7 participants
@Tratcher @HaoK @aspnet-hello @analogrelay @Pilchie @amcasey @vivmishra