Skip to content
This repository was archived by the owner on Dec 13, 2018. It is now read-only.

Consider limiting the cookies we use for nonce and correlationId to the paths that we use them on #1133

Closed
javiercn opened this issue Mar 3, 2017 · 2 comments
Closed

Consider limiting the cookies we use for nonce and correlationId to the paths that we use them on #1133

javiercn opened this issue Mar 3, 2017 · 2 comments
Assignees
@javiercn
Labels
3 - Done bug
Milestone
2.0.0

Comments

@javiercn
Copy link
Member

javiercn commented Mar 3, 2017

Currently the handle of /, if there are incomplete logins they cause trouble and they stay on the browser cookie cache incrementing the size of each request. We should look into setting their path to the sign-in callback endpoint so that incomplete login flows don't increase the size of requests sent to the server.
@Eilon Eilon added this to the 2.0.0-preview1 milestone Mar 16, 2017
@Eilon
Copy link
Member

Eilon commented Mar 16, 2017

@javiercn any chance you want to send a PR for this? @Tratcher believes the code change is quite simple, but it requires a bit of testing.

@javiercn
Copy link
Member Author

Yeah, I will talk to @Tratcher and look into it next week.

@Eilon Eilon modified the milestones: 2.0.0-preview1, 2.0.0-preview2 Apr 20, 2017
@Eilon Eilon modified the milestones: 2.0.0-preview3, 2.0.0-preview2 May 18, 2017
javiercn added a commit that referenced this issue Jun 13, 2017
@javiercn
[Fixes #1133] Limit the path on the nonce and correlation id cookies
2ebfbf1
javiercn added a commit that referenced this issue Jun 15, 2017
@javiercn
[Fixes #1133] Limit the path on the nonce and correlation id cookies
06f8139
@mbalogh89 mbalogh89 mentioned this issue Aug 25, 2017
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@javiercn javiercn

Labels
3 - Done bug
Projects
None yet
Milestone
2.0.0
Development

No branches or pull requests
2 participants
@Eilon @javiercn