shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

doc: add language to mention disruptive nature of cookie host prefix (#22384)

Browse Source
This commit is contained in:
Steven Masley
2026-02-27 09:59:01 -06:00
committed by GitHub
parent 0bafc05c37
commit 21bc185254
5 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cli/testdata/coder_server_--help.golden
Vendored
+3 -1
View File
@@ -391,7 +391,9 @@ NETWORKING OPTIONS:
--host-prefix-cookie bool, $CODER_HOST_PREFIX_COOKIE (default: false)
Recommended to be enabled. Enables `__Host-` prefix for cookies to
guarantee they are only set by the right domain.
guarantee they are only set by the right domain. This change is
disruptive to any workspaces built before release 1.31, requiring a
workspace restart.
NETWORKING / DERP OPTIONS:
Most Coder deployments never have to think about DERP because all connections
cli/testdata/server-config.yaml.golden
Vendored
+2 -1
View File
@@ -182,7 +182,8 @@ networking:
# (default: lax, type: enum[lax\|none])
sameSiteAuthCookie: lax
# Recommended to be enabled. Enables `__Host-` prefix for cookies to guarantee
# they are only set by the right domain.
# they are only set by the right domain. This change is disruptive to any
# workspaces built before release 1.31, requiring a workspace restart.
# (default: false, type: bool)
hostPrefixCookie: false
# Whether Coder only allows connections to workspaces via the browser.
codersdk/deployment.go
+1 -1
View File
@@ -2912,7 +2912,7 @@ func (c *DeploymentValues) Options() serpent.OptionSet {
},
{
Name: "__Host Prefix Cookies",
Description: "Recommended to be enabled. Enables `__Host-` prefix for cookies to guarantee they are only set by the right domain.",
Description: "Recommended to be enabled. Enables `__Host-` prefix for cookies to guarantee they are only set by the right domain. This change is disruptive to any workspaces built before release 1.31, requiring a workspace restart.",
Flag: "host-prefix-cookie",
Env: "CODER_HOST_PREFIX_COOKIE",
Value: serpent.BoolOf(&c.HTTPCookies.EnableHostPrefix),
docs/reference/cli/server.md
Generated
+1 -1
View File
@@ -1067,7 +1067,7 @@ Controls the 'SameSite' property is set on browser session cookies.
| YAML | <code>networking.hostPrefixCookie</code> |
| Default | <code>false</code> |
Recommended to be enabled. Enables `__Host-` prefix for cookies to guarantee they are only set by the right domain.
Recommended to be enabled. Enables `__Host-` prefix for cookies to guarantee they are only set by the right domain. This change is disruptive to any workspaces built before release 1.31, requiring a workspace restart.
### --terms-of-service-url
enterprise/cli/testdata/coder_server_--help.golden
Vendored
+3 -1
View File
@@ -392,7 +392,9 @@ NETWORKING OPTIONS:
--host-prefix-cookie bool, $CODER_HOST_PREFIX_COOKIE (default: false)
Recommended to be enabled. Enables `__Host-` prefix for cookies to
guarantee they are only set by the right domain.
guarantee they are only set by the right domain. This change is
disruptive to any workspaces built before release 1.31, requiring a
workspace restart.
NETWORKING / DERP OPTIONS:
Most Coder deployments never have to think about DERP because all connections