Unable to use MKCad Parts Library on onshape.com with samesite=Lax enabled
Categories
(Core :: Networking: Cookies, defect, P2)
Tracking
()
People
(Reporter: ksenia, Unassigned)
References
()
Details
(Keywords: webcompat:needs-contact, Whiteboard: [necko-triaged])
Attachments
(3 files)
This was originally reported in https://github.com/webcompat/web-bugs/issues/98508.
The account on this website requires some additional set up, so to save time I've created this document with credentials that our team uses: https://docs.google.com/spreadsheets/d/1TMLRdbD8wag4Pd_Cnb1UMnvMcty8vZ-MMBGpI42lpys/edit?usp=sharing
- To reproduce, visit https://cad.onshape.com/documents/2210444308077e83f4997f0d/w/c607e8118ca1e9676e2d777d/e/78390b83d42d2a4dacce4219 and sign in.
- Click on blue "MK" icon on the right of the screen
- Observe the behaviour
Actual:
Sign in panel is displayed and after sign in it's redirecting back to it again
Expected:
Table with content is displayed
Setting network.cookie.sameSite.laxByDefault
to false fixes the problem
Reporter | ||
Comment 1•2 years ago
|
||
The problem seems to be with missing cookies in this particular request:
(https://oauth.onshape.com/oauth/authorize?response_type=code&redirect_uri=https://mkcad.julias.ch/oauthRedirect&client_id=2ZT7X5D646R3LM3ZND7LGBTYRVM4SVH6CDDGM6I=).
the two missing cookies are on
and on-session-id
Reporter | ||
Comment 2•2 years ago
•
|
||
This is the same request with samesite=Lax
enabled and those two cookies are sent (in addition, a 302 redirect is performed)
Updated•2 years ago
|
Updated•2 years ago
|
Comment 3•2 years ago
|
||
Until the situation with samesite lax is resolved, we can try reaching out to the site to see if they can fix this on their end. (We should probaby do the same for the other sites listed on the meta bug). For now I'll set this to webcompat P2.
Comment 4•2 months ago
|
||
We won't be shipping samesitelax by default, so all of this breakage bug can be closed: Bug 1617609
Description
•