Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Improve cookie security. Fixes #2759 #2763

Merged
merged 2 commits into from
Apr 20, 2020
Merged

fix: Improve cookie security. Fixes #2759 #2763

merged 2 commits into from
Apr 20, 2020

Conversation

alexec
Copy link
Contributor

@alexec alexec commented Apr 20, 2020
edited
Loading

Checklist:

  • Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this is a chore.
  • The title of the PR is (a) conventional, (b) states what changed, and (c) suffixes the related issues number. E.g. "fix(controller): Updates such and such. Fixes #1234".
  • I've signed the CLA.
  • I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
  • My builds are green. Try syncing with master if they are not.
  • My organization is added to USERS.md.

@alexec alexec linked an issue Apr 20, 2020 that may be closed by this pull request
Improve cookie security #2759
Closed
@alexec alexec marked this pull request as ready for review April 20, 2020 16:10
@alexec alexec added the type/security Security related label Apr 20, 2020
simster7
simster7 approved these changes Apr 20, 2020
View reviewed changes
ui/src/app/login/components/login.tsx
<i className='fa fa-info-circle' /> You appear to be logged {maybeLoggedIn() ? 'in' : 'out'}. It may not be necessary to login to use Argo, it depends on how it is
configured.
<i className='fa fa-info-circle' /> You appear to be <b>logged {maybeLoggedIn() ? 'in' : 'out'}</b>. It may not be necessary to login to use Argo, it depends on how
it is configured.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A link to https://github.com/argoproj/argo/blob/master/docs/argo-server.md would be useful here

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes - but not today :(

@alexec alexec merged commit a6fa3f7 into argoproj:master Apr 20, 2020
@alexec alexec deleted the fix-cookie branch April 20, 2020 17:22
@simster7
Copy link
Member

Back-ported to 2.7

simster7 pushed a commit that referenced this pull request Apr 20, 2020
@alexec @simster7
fix: Improve cookie security. Fixes #2759 (#2763)
ee10796
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simster7 simster7 simster7 approved these changes

@alexmt alexmt Awaiting requested review from alexmt

@jannfis jannfis Awaiting requested review from jannfis

@sarabala1979 sarabala1979 Awaiting requested review from sarabala1979

Assignees
No one assigned
Labels
type/security Security related
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Improve cookie security
2 participants
@alexec @simster7