Paths

Table of Contentst

Differential D9287

[web] Migrate cookies to redux
ClosedPublic
Actions

Authored by michal on Sep 25 2023, 7:05 AM.

Tags

None

Referenced Files

	Unknown Object (File)
	Sat, Sep 28, 7:57 PM

	Unknown Object (File)
	Sat, Sep 28, 7:57 PM

	Unknown Object (File)
	Sat, Sep 28, 7:57 PM

	Unknown Object (File)
	Sat, Sep 28, 7:57 PM

	Unknown Object (File)
	Sat, Sep 28, 7:55 PM

	Unknown Object (File)
	Aug 28 2024, 1:10 AM

	Unknown Object (File)
	Aug 27 2024, 7:58 AM

	Unknown Object (File)
	Aug 26 2024, 4:48 PM

View All 70 Files

Subscribers

Details

Reviewers

inka
kamil
atul

Commits

rCOMMa16031408fec: [web] Migrate cookies to redux

Summary

We want to migrate the browser cookies to redux. An explanation why we decided is in ENG-4347 and on Notion. We do the migration on the client after setting the cookie to httpOnly: false on the keyserver. This is normally not recommended because of XSS, but if our end goal is moving the cookie to redux, it will be accesible to js anyway, so there shouldn't be any issue with this. If the attacked can execute any js on the client they can still make authenticated calls to the keyserver/services (for services we keep commAccessToken in redux anyway).

Test Plan

Run the migration, check if the cookie was stored in redux

Diff Detail

Repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

michal created this revision.Sep 25 2023, 7:05 AM

Herald added subscribers: tomek, ashoat. · View Herald TranscriptSep 25 2023, 7:05 AM

michal added a child revision: D9288: [web] Use redux cookie for communication.Sep 25 2023, 7:19 AM

Harbormaster completed remote builds in B22830: Diff 31401.Sep 25 2023, 7:22 AM

michal requested review of this revision.Sep 25 2023, 7:22 AM

kamil accepted this revision.Sep 26 2023, 2:30 AM

This revision is now accepted and ready to land.Sep 26 2023, 2:30 AM

Rebase

Added check for null cookie (this should only happen if someone in modyfying cookies directly)

Harbormaster completed remote builds in B23424: Diff 32307.Oct 23 2023, 2:44 AM

Closed by commit rCOMMa16031408fec: [web] Migrate cookies to redux (authored by Michal Gniadek <michal.gniadek@swmansion.com>). · Explain WhyOct 23 2023, 3:05 AM

This revision was automatically updated to reflect the committed changes.

Michal Gniadek <michal.gniadek@swmansion.com> added a commit: rCOMMa16031408fec: [web] Migrate cookies to redux.

Revision Contents
Changeset List

Path

Size

keyserver/

src/

session/

2 lines

lib/

types/

keyserver-types.js

5 lines

utils/

cookie-utils.js

14 lines

native/

redux/

default-state.js

1 line

web/

redux/

default-state.js

1 line

31 lines

Diff 32308

keyserver/src/session/cookies.js

Loading...

lib/types/keyserver-types.js

Loading...

lib/utils/cookie-utils.js

Loading...

native/redux/default-state.js

Loading...

web/redux/default-state.js

Loading...

web/redux/persist.js

Loading...