[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] SameSite cookie support and HTTP-POST binding
// We store relaystate values in memory, or in encrypted HTML5 local storage items.
cheers, Peter 2019. 07. 19. 14:24 keltezÃssel, Cantor, Scott Ãrta:
On 7/19/19, 9:22 AM, "Peter Major" <peter.major@forgerock.com> wrote:Are there any best practices (implementation advices) available for keeping HTTP-POST binding working even when the session cookies have SameSite Lax flag? (or Strict flag and HTTP-Redirect binding?)Don't use cookies for relay state. -- Scott
-- Because lawyers: ---------------------NOTICE: This message, including any attachments, may contain confidential information. If you are not the intended recipient, please advise the sender immediately and destroy all copies of this message and any attachments. ForgeRock Ltd may monitor email traffic data and also the content of email transmitted over its network for security purposes. No employee or agent is authorized to conclude any binding agreement on behalf of ForgeRock Ltd by means of e-mail communication. ForgeRock Ltd is a limited company registered in England and Wales; its registered address is 60 Queen Square, Bristol, BS1 4JZ; and its registration number is 7227664.
----------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]