thebigh2014 edited a comment on issue #1562: Provide configuration option enforcing AuthSession cookies' "Secure" attribute in couch_httpd_auth URL: https://github.com/apache/couchdb/issues/1562#issuecomment-604192825 The project I'm working on is being affected by the enforcement of SameSite=none and Secure being needed for _session cookies. While Couchdb 3 (which we will be trying out soon) does add SameSite, the Secure value is still missing since we are using a reverse proxy to securely access our databases (as direct SSL is unreliable). Could this please be addressed as it would be difficult to reliably intercept responses on our proxy and alter the cookie header manually.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
