[KNOX-2387] KnoxSSO broken on recent Chrome browsers (version > 80) - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.4.0
Component/s: KnoxSSO
Labels:
None

Description

Google chrome changed the default behavior of SameSite parameter in Set-Cookie header from None to Lax. This causes partial breakage of Knox SSO.

Details about Chrome browser feature - https://www.chromestatus.com/feature/5088147346030592

How it affects - https://support.okta.com/help/s/article/FAQ-How-Chrome-80-Update-for-SameSite-by-default-Potentially-Impacts-Your-Okta-Environment

Attachments

Issue Links

is related to

KNOX-2393 Add a configurable list of paths that SSOCookieProvider can ignore

Resolved

links to

GitHub Pull Request #347

Activity

People

Assignee:: Sandeep More

Reporter:: Sandeep More

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Jun/20 10:56

Updated:: 18/Jun/20 17:04

Resolved:: 17/Jun/20 10:50

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

1h