Versions Compared

Old Version 14

changes.mady.by.user Mark Unwin

Saved on

compared with

New Version 15

changes.mady.by.user Mark Unwin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

CookieSupportBehaviour
HttpOnly(tick) By defaultThe cookies are not going to be accesible from the JavaScript API.
secure(tick) Should be enabled by setting the configuration item "auth_secure_cookie" => "true" in opCommon.json.

This cookie could be sent just in a request ciphered over https protocol. That's the reason why it is not set by default. 

SameSite

set to Strict

(tick) Supported since the following versions:

  • Open-AudIT 34.4.0
  • opAddress 2.1.0
  • opCharts 4.3.0
  • opConfig 4.3.0
  • opEvents 4.1.0
  • opHA 3.4
  • opReports 4.3.0

The cookie set to strict means that the browser only sends the cookie if the request was made in the website that originally established the cookie. 

...