Ghost

mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-11 09:53:32 +03:00

History

Kevin Ansfield 8d0a6b2674 🐛 Fixed "View site" not logging into private sites with separate admin domains no issue - browsers now block cross-origin cookies unless they are explicitly set with `SameSite=none` and `Secure=true` options which was preventing the login request made by Ghost-Admin from working - added an explicit `SameSite=none` option to the private site session cookie - will only work when the front-end site is served over HTTPS - there's no way to get browsers to accept cross-origin cookies over HTTP	2020-04-15 10:52:30 +01:00
..
amp	Moved helper proxy into a service	2020-04-08 17:22:44 +01:00
private-blogging	🐛 Fixed "View site" not logging into private sites with separate admin domains	2020-04-15 10:52:30 +01:00

Kevin Ansfield 8d0a6b2674 🐛 Fixed "View site" not logging into private sites with separate admin domains

no issue

- browsers now block cross-origin cookies unless they are explicitly set with `SameSite=none` and `Secure=true` options which was preventing the login request made by Ghost-Admin from working
- added an explicit `SameSite=none` option to the private site session cookie
- will only work when the front-end site is served over HTTPS - there's no way to get browsers to accept cross-origin cookies over HTTP

2020-04-15 10:52:30 +01:00

amp

Moved helper proxy into a service

2020-04-08 17:22:44 +01:00

private-blogging

🐛 Fixed "View site" not logging into private sites with separate admin domains

2020-04-15 10:52:30 +01:00