couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Spode Miller (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COUCHDB-1959) Cookie Domain Setting
Date Thu, 12 Dec 2013 14:30:07 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13846329#comment-13846329
] 

Andrew Spode Miller commented on COUCHDB-1959:
----------------------------------------------

It's worth mentioning that several other people want this feature (from googling) and there
is even a node project as a man in the middle to add this parameter in. See:

https://github.com/MarFarMa/couchdb-cookie-auth

> Cookie Domain Setting
> ---------------------
>
>                 Key: COUCHDB-1959
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1959
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: HTTP Interface
>            Reporter: Andrew Spode Miller
>
> When using cookies for authentication, there is no "domain" set for the cookie.
> This is fine - because this will default the cookie to the domain you accessed it from.
> However, if you want to, for example, login to auth.domain.com and then access 1.domain.com,
2.domain.com - your authentication won't be valid as the cookie domain will be auth.domain.com
> I'd like to see an option in local.ini to turn on a wildcard cookie. This would set the
domain to ".domain.com" which would allow the cookie to work across subdomains. This would
default to off and only affect people who want this specific use. 



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)

Mime
View raw message