open-webui

mirror of https://github.com/open-webui/open-webui synced 2025-02-07 21:47:29 +00:00

History

Antti Pyykkönen 412923dc91 feat: separate cookie settings between session & auth cookies Introducing two new env config options to control cookies settings regarding authentication. These values are taken into use when setting 'token' and 'oauth_id_token'. To maintain backwards compatibility, the original session cookie values are used as fallback. Separation is done to prevent issues with the session cookie. When the config value was set as 'strict', the oauth flow was broken (since the session cookie was not provided after the callback). Providing a separate config for auth & session cookies allows us to keep the 'strict' settings for auth related cookies, while also allowing the session cookie to behave as intended (e.g., by configuring it as 'lax'). The original config was added in commit #af4f8aa. However a later commit #a2e889c reused this config option for other type of cookies, which was not the original intent.		2025-01-23 16:16:50 +02:00
..
data
open_webui	feat: separate cookie settings between session & auth cookies	2025-01-23 16:16:50 +02:00
.dockerignore
.gitignore
dev.sh
requirements.txt	chore: bump duckduckgo-search	2025-01-22 10:46:57 -08:00
start_windows.bat
start.sh