nirutgupta opened a new issue, #29108: URL: https://github.com/apache/airflow/issues/29108
### Apache Airflow version Other Airflow 2 version (please specify below) ### What happened Airflow Version : 2.3.2 Helmchart Version: 1.3.0 When trying to login with admin credentials via iframe, it is getting redirected back to login page. Auth getting used : airflow.api.auth.backend.basic_auth ### What you think should happen instead Should be able to login just like how it should be when opened in a new tab. ### How to reproduce `webserver: webserverConfig: WTF_CSRF_ENABLED = False ` I am using Kubernetes Executor and auth as ``` api: auth_backend: airflow.api.auth.backend.basic_auth ``` There are multiple webservers pods though it can be reproducible even in one webserver instance setup. ### Operating System apache/airflow:2.3.2-python3.8 this is the image I am using. ### Versions of Apache Airflow Providers 2.3.2 ### Deployment Official Apache Airflow Helm Chart ### Deployment details I have added the related details under How to reproduce section. Putting the ingress section as well. ``` ingress: # Enable ingress resource enabled: true # Configs for the Ingress of the web Service web: # Annotations for the web Ingress annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "false" host: "<internal host>" ``` ### Anything else Proper documentation is lagging for the iframe enable setup. I know this feature is added for security purposes but they should be disabled with the flag. I have tried adding these two environment variables under webserver config section after searching but no luck. SESSION_COOKIE_SAMESITE = 'None' SAMESITE = 'None' ### Are you willing to submit PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [X] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org