mc/metacrypt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix download cookie: SameSite Strict blocks cookie on POST redirect

Browse Source 
SameSite=Strict prevents the browser from sending the auth cookie when
following a redirect from a cross-context POST (form submission) to a
GET. Changing to SameSite=Lax allows the cookie to be sent on top-level
navigations (including redirects), so the /pki/download/{token} handler
receives the auth cookie and serves the tgz.

Co-authored-by: Junie <junie@jetbrains.com>
This commit is contained in:
Kyle Isom
2026-03-15 13:50:22 -07:00
parent 4469c650cc
commit 02ee538213
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.junie/memory/language.json
View File

@@ -1 +1 @@
[{"lang":"en","usageCount":39}]
[{"lang":"en","usageCount":40}]