MyFavMirrors
/
moonfire-nvr
mirror of https://github.com/scottlamb/moonfire-nvr.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
moonfire-nvr/design
History
Scott Lamb 560fe804d6 use SameSite=Lax instead of SameSite=Strict 
To improve reliability of live streams (#59) on Safari.

Safari was dropping the cookie from websocket update requests.
(But it worked sometimes. I don't get why.) I saw folks on the Internet
thinking this related to HttpOnly:

*   https://developer.apple.com/forums/thread/104488
*   https://stackoverflow.com/q/47742807/23584

but I still see this behavior without HttpOnly. SameSite=Strict vs
SameSite=Lax appears to make a difference. Try that instead.
SameSite=Strict is pointless for us anyway as noted in a new comment.
Turning off HttpOnly would be more unfortunate security-wise.
 		2021-03-31 13:08:03 -07:00
..
api.md use SameSite=Lax instead of SameSite=Strict 2021-03-31 13:08:03 -07:00
glossary.md start splitting wall and media duration for #34 2020-08-04 21:44:01 -07:00
schema.md track cumulative duration and runs 2020-06-09 16:17:32 -07:00
time-frames.png try again to fix time.md diagram 2016-12-26 21:41:19 -08:00
time.md remove stale warning about time handling 2020-12-22 19:51:50 -08:00