How to confirm client-storage-read view is rendered (for SameSite)
cantor.2 at osu.edu
Thu Feb 27 17:41:43 EST 2020
On 2/27/20, 2:42 PM, "users on behalf of Dan Malone" <users-bounces at shibboleth.net on behalf of dmalone at calpoly.edu> wrote:
> Following conclusions on the SameSite testing wiki:
That is not the "for deployers" page, for the record, which is why it's impossible to follow for most people. The digestible conclusions are under SameSite in the Productionalization sections.
> Should we expect to see a second request here as the client-storage-read view is rendered?
> 2. Logs - Is there anywhere in the logs that would indicate the client-storage-read view was rendered?
> 3. Local Storage - Even though we are using server side session storage, will enabling local storage cause the IDP to store
> anything client side?
No, but enabling it just to avoid a few extra logins doesn't really make a lot of sense to me. Once V4 is out, you might as well just enable the SameSite filter instead.
More information about the users