weizhouapache commented on pull request #898: URL: https://github.com/apache/cloudstack-primate/pull/898#issuecomment-760902807
> > > > @wido this is a good way to avoid CORS. thanks for sharing. > > To set cookie of other domains, you need to enable 3rd-party cookie on server side. > > `Set-Cookie: SiteSite=None; Secure` > > if you use nginx, add `proxy_cookie_path / "/; Secure; SameSite=None;";` > > it also means both server and client side must be secure (https) > > This is something I would need to investigate. Haven't been able to do so yet. @wido I have tested it with nginx. it works well. setting cookie header is supported by haproxy 1.8+ ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
