vikunja

mirror of https://github.com/go-vikunja/vikunja.git synced 2026-03-12 01:59:34 -05:00

Files

kolaente 530973c475 fix(auth): make SameSite=None conditional on HTTPS for refresh cookie

SameSite=None requires Secure=true per browser spec. When running over
plain HTTP (local dev, e2e tests), browsers reject or downgrade the
cookie, breaking session refresh. Fall back to SameSite=Lax for HTTP
while keeping SameSite=None for HTTPS (needed for the Electron desktop
app cross-origin scenario).

2026-03-03 10:41:19 +01:00

auth

fix(auth): make SameSite=None conditional on HTTPS for refresh cookie

2026-03-03 10:41:19 +01:00

avatar

fix: use session-aware file creation to avoid nested transactions

2026-02-25 11:03:02 +01:00

background

fix: use session-aware file creation to avoid nested transactions

2026-02-25 11:03:02 +01:00

dump

fix(restore): extract preValidateTableData to reduce cyclomatic complexity