You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tailscale/client/web
Will Norris 9ea3942b1a client/web: don't require secure cookies for csrf
Under normal circumstances, you would typically want to keep the default
behavior of requiring secure cookies.  In the case of the Tailscale web
client, we are regularly serving on localhost (where secure cookies
don't really matter), and/or we are behind a reverse proxy running on a
network appliance like a NAS or Home Assistant. In those cases, those
devices are regularly accessed over local IP addresses without https
configured, so would not work with secure cookies.

Updates tailscale/corp#13775

Signed-off-by: Will Norris <will@tailscale.com>
1 year ago
..
src client/web: open auth URLs in new browser tab 1 year ago
api.go client/web: add csrf protection to web client api 1 year ago
dev.go client/web: add barebones vite dev setup 1 year ago
index.html client/web: copy existing UI to basic react components 1 year ago
package.json client/web: add csrf protection to web client api 1 year ago
postcss.config.js client/web: add tailwind styling to react app 1 year ago
tailwind.config.js client/web: add tailwind styling to react app 1 year ago
tsconfig.json client/web: add tsconfig.json 1 year ago
vite.config.ts client/web: add barebones vite dev setup 1 year ago
web.css client/web: extract web client from cli package 1 year ago
web.go client/web: don't require secure cookies for csrf 1 year ago
web.html client/web: extract web client from cli package 1 year ago
web_test.go client/web: extract web client from cli package 1 year ago
yarn.lock client/web: add csrf protection to web client api 1 year ago