-
**Is your feature request related to a problem? Please describe.**
As a developer, I want to extend X-UI capabilities and automate its deployment and configuration. I want a separate API to manage al…
-
### Describe the bug
Under admin settings - embedding - interactive embedding, we recommend setting `SameSite=None` if the application domain and protocol entered in authorized origins is different…
-
Our Jira instance seems to work with different token authentication but it is very similar to the token authentication (just use `Bearer` instead of `Token` in Authentication field.
I'd like to pus…
-
Hi, thank you for your amazing work. I hope you could help me with one issue.
I'd like to use the following endpoint through the API:
`/admin/api/reservation/{purchaseContextType}/{publicIdent…
-
If this topic has already been discussed, please forgive my ignorance.
From what I’ve read about how DBSC works, I believe the following attack vector is possible:
1. Steal a bound cookie, and
…
-
**Describe the bug**
Admin sessions via SAML are unable to fully logout. When logging out of a SAML session, the user can log back in without authentication from any browser by clicking the SSO butto…
-
**Current Issue**
We have some services behind an authconfig that are used by both systems and users from a browser. When a user tries to access the services from their browser and is unauthenticat…
-
Hi,
I think it would be useful to have a new option for signed cookies such that the cookie is `httpOnly = false` but the signature is `httpOnly = true`. The case for this are Single Page Apps(SPA)…
-
**Is your feature request related to a problem? Please describe.**
Since Frappe supports realtime socket communication via SocketIO, we can add support for the same.
**Describe the solution you'd …
-
We migrated from .NET Framework to .NET 6, but still use AngularJS with Razor pages and cookie authentication. Our login page is a plain Razor page that is provided by our AccountController. We notice…