Will Norris 9ea3942b1a client/web: don't require secure cookies for csrf ... Under normal circumstances, you would typically want to keep the default behavior of requiring secure cookies. In the case of the Tailscale web client, we are regularly serving on localhost (where secure cookies don't really matter), and/or we are behind a reverse proxy running on a network appliance like a NAS or Home Assistant. In those cases, those devices are regularly accessed over local IP addresses without https configured, so would not work with secure cookies. Updates tailscale/corp#13775 Signed-off-by: Will Norris <will@tailscale.com>		2023-08-23 16:44:44 -07:00
..
src	client/web: open auth URLs in new browser tab	2023-08-23 17:38:50 -04:00
api.go	client/web: add csrf protection to web client api	2023-08-21 15:02:02 -04:00
dev.go	client/web: add barebones vite dev setup	2023-08-10 21:54:43 -04:00
index.html	client/web: copy existing UI to basic react components	2023-08-15 12:01:36 -07:00
package.json	client/web: add csrf protection to web client api	2023-08-21 15:02:02 -04:00
postcss.config.js	client/web: add tailwind styling to react app	2023-08-14 15:29:12 -04:00
tailwind.config.js	client/web: add tailwind styling to react app	2023-08-14 15:29:12 -04:00
tsconfig.json	client/web: add tsconfig.json	2023-08-11 11:55:29 -04:00
vite.config.ts	client/web: add barebones vite dev setup	2023-08-10 21:54:43 -04:00
web_test.go	client/web: extract web client from cli package	2023-08-09 09:53:37 -07:00
web.css	client/web: extract web client from cli package	2023-08-09 09:53:37 -07:00
web.go	client/web: don't require secure cookies for csrf	2023-08-23 16:44:44 -07:00
web.html	client/web: extract web client from cli package	2023-08-09 09:53:37 -07:00
yarn.lock	client/web: add csrf protection to web client api	2023-08-21 15:02:02 -04:00