Comments (13)
Hey @domoritz I am not able to reproduce this mine login works fine
from editor-backend.
Hmm, let me try again. I was trying something else and it didn’t work for me.
from editor-backend.
No, does not work. I'm on Safari 13.1. Maybe this is some new restriction on cookies. I do get a warning in Chrome
from editor-backend.
Ahh, I think the issue is that our cookie is a third party cookie.
from editor-backend.
The issue is probably that we need to set cookies to be secure.
from editor-backend.
I think we need to set https://github.com/vega/editor-backend/blob/master/src/app.ts#L77 but somehow I cannot log in anymore after I uncomment this line.
@algomaster99 Can you help me here?
from editor-backend.
@domoritz what error are you getting?
from editor-backend.
There seem to be two separate issues.
- Chrome warns us about unsafe cookies. We should enable safe cookies (but when I do it, login doesn't work for some reason).
- When I check whether I am logged in in Chrome in incognito or Safari (on my machine) the response is always that I am not logged in.
Any idea what's going wrong? It looks like cors is not working as expected.
from editor-backend.
@domoritz Chrome in incognito works fine for me. For Safari, shall I just check it on some iPhone?
from editor-backend.
I noticed that I can log in if I disable this setting to prevent cross-site tracking.
Maybe let's focus on enabling safe cookies (https://github.com/vega/editor-backend/blob/master/src/app.ts#L77) for now and look at this issue later. Can you look into this?
from editor-backend.
@domoritz secure: true
is only responsible for this behavior https://stackoverflow.com/a/40324493/11751642. What problem are you facing exactly?
from editor-backend.
Adding the secure flag is for #130 (comment)
from editor-backend.
@domoritz 44ed970 fixes this.
Please note my comment there though.
from editor-backend.
Related Issues (20)
- Move code here
- Setup simple deployment HOT 3
- de-duplicate setup instructions
- Should we set the Same Site attribute?
- Can't run in dev mode HOT 1
- Add tests
- Add favicon HOT 2
- Don't use deprecated authentication api HOT 1
- Replace now with vercel HOT 4
- Add pagination to gist fetching HOT 1
- Add link to docs HOT 1
- Sign-in link at https://vega.now.sh/ doesn't work HOT 7
- Make backend stateless
- Implementation of pagination HOT 1
- Use yarn HOT 5
- Choice of database HOT 8
- Session cookie expiration doesn't increment on browser cookie storage when re-visited HOT 1
- Switch to vega-lite-dev-config HOT 2
- Request GIST permission for github HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from editor-backend.