MIME-Version: 1.0
In-Reply-To: 
 <CAFOhELdtE9dJz9Raw3nXJ3qgo+ZjVRUmdNta7Bk5Pf3=O137eQ@mail.gmail.com>
References: 
 <CAE+jja=24CGbB8kBXnKNNRT4n=t=f1hNYAi+iMNgZPhvtaJ_kQ@mail.gmail.com>
 <CAFOhELdND4ZwmPk2D+MDYERWsiFqUHjLBwLUJ0ZasgYqva+ZSg@mail.gmail.com>
 <CAE+jjamAJh82ZPN59R+-4bFROQccARKwG8YPS3Xtt9M8qm_mww@mail.gmail.com>
 <CAKKotZT2M1q=0mfYrw13DSD8Og3ZYsfzt3sc8Y2sRiy7565uVA@mail.gmail.com>
 <CAE+jjamnndMfhN-tnQmczY6NrNRVRdyeVVQ3RcE8SiKcg_HhSA@mail.gmail.com>
 <CAFOhELdroDKmtNFS4T=ha=d35knfw8dmr2G6Cx0+5gmDqC+eKw@mail.gmail.com>
 <CAE+jjanHFe7Di5HASmQUQRWzCg+qQMpZEK7K9GmD7mQVC1bPMA@mail.gmail.com>
 <CAFOhELconM+iXeEAxeYNt5XU3UoE640tLK8V5839q4i4rtGoYA@mail.gmail.com>
 <CAE+jja=LBv-u5oXt=8JucnUC7NdYq06FqP6K6-w199ozg0emOQ@mail.gmail.com>
 <CAFOhELcfBBU30Qnzj6O-XtwwMBT-fN1AewX+MFsfa6_VL0rmmA@mail.gmail.com>
 <CAE+jjak5GMg3cOvX5PLVO56r1HhdwwoF6frRq4GzNeF_9zX32A@mail.gmail.com>
 <CA+OCxozhkY_s1YC0BmrYrwfV59QCF8pCXyNiErDmf7ebj+tJWw@mail.gmail.com>
 <CAFOhELdtE9dJz9Raw3nXJ3qgo+ZjVRUmdNta7Bk5Pf3=O137eQ@mail.gmail.com>
From: Dave Page <dpage@pgadmin.org>
Date: Fri, 23 Mar 2018 10:14:27 +0000
Message-ID: 
 <CA+OCxoyf1cdYfNqX_NemaaJ_3mn6MiaoJocyjcZqxDwOyo_ZhA@mail.gmail.com>
Subject: Re: Experiencing issues
To: Khushboo Vashi <khushboo.vashi@enterprisedb.com>
Cc: Joao De Almeida Pereira <jdealmeidapereira@pivotal.io>,
	Murtuza Zabuawala <murtuza.zabuawala@enterprisedb.com>,
	pgadmin-hackers <pgadmin-hackers@postgresql.org>
Content-Type: multipart/alternative; boundary="001a114b3ab8804477056811b007"
Precedence: bulk

--001a114b3ab8804477056811b007
Content-Type: text/plain; charset="UTF-8"

On Fri, Mar 23, 2018 at 6:17 AM, Khushboo Vashi <
khushboo.vashi@enterprisedb.com> wrote:

> Hi,
>
> On Wed, Mar 21, 2018 at 9:31 PM, Dave Page <dpage@pgadmin.org> wrote:
>
>>
>>
>> On Wed, Mar 21, 2018 at 3:57 PM, Joao De Almeida Pereira <
>> jdealmeidapereira@pivotal.io> wrote:
>>
>>> Sorry I did not understand what you said.
>>> This configuration:
>>>
>>> DEFAULT_SERVER = '0.0.0.0'
>>> SESSION_COOKIE_DOMAIN = DEFAULT_SERVER
>>> COOKIE_DEFAULT_DOMAIN = DEFAULT_SERVER
>>>
>>> If the application lives in the domain pgadmin.somedomain.com do I need
>>> to have in config_local:
>>> DEFAULT_SERVER = '0.0.0.0'
>>> SESSION_COOKIE_DOMAIN = 'pgadmin.somedomain.com'
>>> COOKIE_DEFAULT_DOMAIN = 'pgadmin.somedomain.com'
>>> ?
>>>
>>> Does this mean that if for some reason I have a second domain like
>>> pgadmin.somedomain2.com that I want to use I cannot?
>>>
>>> The issue of 127.0.0.1 to localhost is very cumbersome, and somehow we
>>> should be able to disable this, because when we are developing doesn't make
>>> sense to not being able to use localhost and 127.0.0.1
>>>
>>
>> +1. I didn't realise we'd added this restriction when I tested the patch.
>>
>> Perhaps a better approach would be to leave the default cookie handling
>> as it was, and just expose the domain and path via config options that the
>> user can set if appropriate for their installation.
>>
>> Please find the attached updated patch as discussed.
>
> If one has to set cookie domain and path then below *config variables*
> should be changed.
>
> COOKIE_DEFAULT_PATH
> COOKIE_DEFAULT_DOMAIN
> SESSION_COOKIE_DOMAIN
>

Thanks, applied.

-- 
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

--001a114b3ab8804477056811b007
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><div class=3D"gmail_quo=
te">On Fri, Mar 23, 2018 at 6:17 AM, Khushboo Vashi <span dir=3D"ltr">&lt;<=
a href=3D"mailto:khushboo.vashi@enterprisedb.com" target=3D"_blank">khushbo=
o.vashi@enterprisedb.com</a>&gt;</span> wrote:<br><blockquote class=3D"gmai=
l_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left=
:1ex"><div dir=3D"ltr">Hi,<br><div class=3D"gmail_extra"><br><div class=3D"=
gmail_quote"><span class=3D"">On Wed, Mar 21, 2018 at 9:31 PM, Dave Page <s=
pan dir=3D"ltr">&lt;<a href=3D"mailto:dpage@pgadmin.org" target=3D"_blank">=
dpage@pgadmin.org</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quote=
" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);=
padding-left:1ex"><div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><div =
class=3D"gmail_quote"><span class=3D"m_-8011092636792652852gmail-">On Wed, =
Mar 21, 2018 at 3:57 PM, Joao De Almeida Pereira <span dir=3D"ltr">&lt;<a h=
ref=3D"mailto:jdealmeidapereira@pivotal.io" target=3D"_blank">jdealmeidaper=
eira@pivotal.io</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quote" =
style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);pa=
dding-left:1ex"><div dir=3D"ltr">Sorry I did not understand what you said.<=
div>This configuration:</div><br>DEFAULT_SERVER =3D &#39;0.0.0.0&#39;<br>SE=
SSION_COOKIE_DOMAIN =3D DEFAULT_SERVER<br>COOKIE_DEFAULT_DOMAIN =3D DEFAULT=
_SERVER<br><br>If the application lives in the domain <a href=3D"http://pga=
dmin.somedomain.com" target=3D"_blank">pgadmin.somedomain.com</a> do I need=
 to have in config_local:<div>DEFAULT_SERVER =3D &#39;0.0.0.0&#39;<br>SESSI=
ON_COOKIE_DOMAIN =3D &#39;<a href=3D"http://pgadmin.somedomain.com" target=
=3D"_blank">pgadmin.somedomain.com</a>&#39;</div><div>COOKIE_DEFAULT_DOMAIN=
 =3D &#39;<a href=3D"http://pgadmin.somedomain.com" target=3D"_blank">pgadm=
in.somedomain.com</a>&#39;</div><div>?</div><div><br></div><div>Does this m=
ean that if for some reason I have a second domain like <a href=3D"http://p=
gadmin.somedomain2.com" target=3D"_blank">pgadmin.somedomain2.com</a> that =
I want to use I cannot?</div><div><br></div><div>The issue of 127.0.0.1 to =
localhost is very cumbersome, and somehow we should be able to disable this=
, because when we are developing doesn&#39;t make sense to not being able t=
o use localhost and 127.0.0.1=C2=A0</div></div></blockquote><div><br></div>=
</span><div>+1. I didn&#39;t realise we&#39;d added this restriction when I=
 tested the patch.</div><div><br></div><div>Perhaps a better approach would=
 be to leave the default cookie handling as it was, and just expose the dom=
ain and path via config options that the user can set if appropriate for th=
eir installation.</div><div><div class=3D"m_-8011092636792652852gmail-h5"><=
div><br></div></div></div></div></div></div></blockquote></span><div>Please=
 find the attached updated patch as discussed.</div><div><br></div><div>If =
one has to set cookie domain and path then below <i>config variables</i> sh=
ould be changed.</div><div><br></div><div><span style=3D"background-color:r=
gb(204,204,204)">COOKIE_DEFAULT_PATH<br></span></div><div><span style=3D"ba=
ckground-color:rgb(204,204,204)">COOKIE_DEFAULT_DOMAIN</span></div><div><sp=
an style=3D"background-color:rgb(204,204,204)">SESSION_COOKIE_DOMAIN</span>=
</div></div></div></div></blockquote><div><br></div><div>Thanks, applied.</=
div><div>=C2=A0</div></div>-- <br><div class=3D"gmail_signature" data-smart=
mail=3D"gmail_signature">Dave Page<br>Blog: <a href=3D"http://pgsnake.blogs=
pot.com" target=3D"_blank">http://pgsnake.blogspot.com</a><br>Twitter: @pgs=
nake<br><br>EnterpriseDB UK: <a href=3D"http://www.enterprisedb.com" target=
=3D"_blank">http://www.enterprisedb.com</a><br>The Enterprise PostgreSQL Co=
mpany<br></div>
</div></div>

--001a114b3ab8804477056811b007--