Giters

jupyterhub / jupyterhub

Multi-user server for Jupyter notebooks

Home Page:https://jupyterhub.readthedocs.io

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Enable `__Host-` "domain-locked" cookies when using subdomains

minrk opened this issue · comments

commented

Proposed change

__Host- prefixed cookies offer some enhanced protection. They come with restrictions that:

  • they are set with Secure (requires HTTPS)
  • the have path=/ (can't be used without user subdomains)
  • they do not have a domain set (i.e. cannot be shared by subdomains)

This means we can't use them for JupyterHub cookies except for deployments using subdomains and HTTPS, but when a deployment uses subdomains and HTTPS, they could further benefit from cookie security.

Alternative options

Keep what we have.

Who would use this feature?

Deployments using HTTPS and user subdomains

(Optional): Suggest a solution

Implement a conditional to add the __Host- prefix to cookies, either its own standalone config or derived from subdomains being enabled + https (arguably subdomains without HTTPS shouldn't exist as an option, but we rely on it for testing!). This would also have to strip the path prefix from cookie kwargs.

commented

This is available in JupyterHub 4.1