From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 0A55B1FF17C for ; Wed, 6 Aug 2025 12:19:08 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 98B5938B7A; Wed, 6 Aug 2025 12:20:40 +0200 (CEST) Mime-Version: 1.0 Date: Wed, 06 Aug 2025 12:20:37 +0200 Message-Id: To: "Thomas Lamprecht" , X-Mailer: aerc 0.20.0 References: <20250806095702.135277-1-s.sterz@proxmox.com> <20250806095702.135277-3-s.sterz@proxmox.com> <175447496640.32268.16650071049145923260.b4-ty@proxmox.com> In-Reply-To: <175447496640.32268.16650071049145923260.b4-ty@proxmox.com> From: "Shannon Sterz" X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1754475616577 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.023 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pbs-devel] [PATCH proxmox-backup 1/1] ui: login: opt the tfa challenge handling into the new HttpOnly flow X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Backup Server development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pbs-devel-bounces@lists.proxmox.com Sender: "pbs-devel" On Wed Aug 6, 2025 at 12:09 PM CEST, Thomas Lamprecht wrote: > On Wed, 06 Aug 2025 11:57:02 +0200, Shannon Sterz wrote: >> this was missed previously leading to the tfa part of the auth flow >> not opting into the new auth flow. this meant the server did not add a >> Set-Cookie header. after that whether or not a login worked fine >> became a race between the refresh logic (which was opted into the new >> flow and, thus, would yield a proper HttpOnly cookie) and other >> requests. >> >> [...] > > Applied, thanks! > > tiny nit: we would prefer camelCase in JS, but that's just internal so we can > change it at any time with a fallback to the previous property. yes sorry, noticed that after i send it, just send a follow-up. snake case is too much of a habbit at this point ^^' > [1/1] ui: login: opt the tfa challenge handling into the new HttpOnly flow > commit: 4e7c0d6a264557e4e9eea3b0cae2a97260848469 _______________________________________________ pbs-devel mailing list pbs-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel