mirror of
https://github.com/tailscale/tailscale.git
synced 2025-01-05 23:07:44 +00:00
c615fe2296
Limit cookies to HTTP requests (not accessible from javascript). Set SameSite to "Lax", which is similar to "Strict" but allows for cookies to be included in requests that come from offsite links. This will be necessary when we link to the web client from the admin console. Updates #10261 Fixes tailscale/corp#16265 Signed-off-by: Will Norris <will@tailscale.com>