tailscale

mirror of https://github.com/tailscale/tailscale.git synced 2024-11-25 19:15:34 +00:00

History

Will Norris 9ea3942b1a client/web: don't require secure cookies for csrf Under normal circumstances, you would typically want to keep the default behavior of requiring secure cookies. In the case of the Tailscale web client, we are regularly serving on localhost (where secure cookies don't really matter), and/or we are behind a reverse proxy running on a network appliance like a NAS or Home Assistant. In those cases, those devices are regularly accessed over local IP addresses without https configured, so would not work with secure cookies. Updates tailscale/corp#13775 Signed-off-by: Will Norris <will@tailscale.com>	2023-08-23 16:44:44 -07:00
..
tailscale	cmd/tailscale/cli, ipn/ipnlocal: [funnel] add stream mode	2023-08-22 10:07:34 -04:00
web	client/web: don't require secure cookies for csrf	2023-08-23 16:44:44 -07:00

Will Norris 9ea3942b1a client/web: don't require secure cookies for csrf

Under normal circumstances, you would typically want to keep the default
behavior of requiring secure cookies.  In the case of the Tailscale web
client, we are regularly serving on localhost (where secure cookies
don't really matter), and/or we are behind a reverse proxy running on a
network appliance like a NAS or Home Assistant. In those cases, those
devices are regularly accessed over local IP addresses without https
configured, so would not work with secure cookies.

Updates tailscale/corp#13775

Signed-off-by: Will Norris <will@tailscale.com>

2023-08-23 16:44:44 -07:00

tailscale

cmd/tailscale/cli, ipn/ipnlocal: [funnel] add stream mode

2023-08-22 10:07:34 -04:00

web

client/web: don't require secure cookies for csrf

2023-08-23 16:44:44 -07:00