-
# Issue summary
In our standalone Remix app (not embedded), we use `await authenticate.admin(request)` to create a session (offline). This sets a cookie and the user's session has the auth token fo…
-
## Expected Behavior
Login succeed
## Current Behavior
If you specify a custom cookie name while using redis to manage sessions we are unable to decrypt the cookie:
```
oauth2-proxy …
-
Problem:
There is a specific circumstance where it's impossible to sign-in anymore till the deletion of `_session` cookie in Chrome(Android) or Safari(iOS), even if the `prompt=login`.
Related is…
-
### Issue submitter TODO list
- [X] I've searched for an already existing issues [here](https://github.com/kafbat/kafka-ui/issues)
- [X] I'm running a supported version of the application which is li…
-
### Description
Dear colleagues,
it seems that the default values for the SECURE and HTTPONLY flags of cookies, **especially** for the PHP session cookie, (PHPSESSID) are not set to true. This o…
-
### Privileged issue
- [X] I'm @tiangolo or he asked me directly to create an issue here.
### Issue Content
https://fastapi.tiangolo.com/tutorial/cookie-param-models/#cookies-with-a-pydantic-model
…
-
Good day,
This was brought up by our security team by one of their scans. I told them I would bring this up to you.
**Cookie Session vulnerabilities:**
1) Clear Text (missing value=secu…
-
### Session description
We will share and discuss progress on the [Cookie Layering](https://github.com/httpwg/http-extensions/issues/2084) effort, our new [Cookies Internet Draft](https://github.com/…
-
Hello,
Next.js version: 15.0.0-canary.134
iron-session version: 8.0.3
`cookies()` in the getIronSession parameter, has the following TS error:
```
Argument of type 'ReadonlyRequestCookies'…
-
### Module version(s) affected
5.3.2
### Description
The default Session variable in SilverStripe 5 has the SameSite=Lax setting enabled.
**SameSite Cookie Policy**: The `SameSite=Lax` setting …