[ixpmanager] Peeringdb oauth & Security Headers
Edrich de Lange
edd at edd.za.net
Sun Oct 6 19:19:29 IST 2019
Howdy all
If you are like us, and have an admin who likes popping sites into https://securityheaders.com to see if we are doing something wrong (which you probably all should be doing),
the oauth doesn’t work if you have SameSite=Strict under Cookie Headers.
Setting it to LAX works. Not ideal, but it will make it work. Otherwise you end up with an error 500
Kind regards
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 854 bytes
Desc: OpenPGP digital signature
URL: <https://www.inex.ie/pipermail/ixpmanager/attachments/20191006/bd06e6ea/attachment.sig>
More information about the ixpmanager
mailing list