Skip to content

feat: use cookies in requests

Jednotné přihlášení test requested to merge github/fork/Johaney-s/cookies into master

Created by: Johaney-s

  • without sending cookies, sessions for service-access (basic auth) are renewed on backend for each request
  • that causes extsource loa to be updated which then updates relevant attribute (2 audit messages for EACH request!)
  • this was not a problem for oidc access, because session was not renewed in case of missing cookies
  • withCredentials header will solve problem for renewing sessions, but requests will fail if apache configuration does not allow domain for this behavior
  • localhost is not supported origin, therefore we only add withCredentials header to calls from domain not coming from localhost

Merge request reports