SE-3154 + SE-3175 Updates for Juniper auth and forum issues
Configuration changes to address issues noted during Juniper upgrades.
Use secure cookies with default SameSite=None policy
7401806 Updates the default instance configuration to set:
EDXAPP_CSRF_COOKIE_SECURE: true
EDXAPP_SESSION_COOKIE_SECURE: true
Forum dependencies build error
Loss of a pinned dependency in cs_comments_service requires using our custom branch until the issue is merged upstream.
679dd78 Applies this for juniper and ironwood deployments.
Sandbox
- LMS: https://se3154.sandbox.stage.opencraft.hosting/
- Studio: https://studio.se3154.sandbox.stage.opencraft.hosting/
Testing instructions
Deployed to Ocim stage, see sandbox links above. Since we don't have LetsEncrypt certificates set up for stage instances, you'll have to accept the self-signed cert to do this testing.
Using Chrome, Firefox, and Safari:
- Register a new user account.
- Activate the account (see email).
- Log out
- Log in again
- Enrol in the DemoX course, and navigate to the discussion forum
- Ensure you can post a message there.
Author Notes & Concerns
- Initially added `DCS_SESSION_COOKIE_SAMESITE: "Lax"`, but reverted due to unknown unintended side effects on auth to 3rd party apps like LTI.
- Have hard-coded a `FORUM_VERSION` on open-craft's own fork, but this is intended to be temporary until upstream changes merge.
Reviewers
CC @Clemente
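
Added example, not part of the original PR or the project's code: a small audit of `Set-Cookie` headers for the pairing this change relies on, since browsers that enforce the rule drop `SameSite=None` cookies that lack `Secure`. The cookie names `sessionid` and `csrftoken` are assumed (Django's defaults), and the header lines are constructed samples, not output captured from the sandbox.

```python
# Added example: audit Set-Cookie headers for the SameSite=None / Secure pairing.
# Cookie names are assumed Django defaults; sample headers are constructed.

def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, attributes) with lowercase keys."""
    parts = [p.strip() for p in header.split(";")]
    name, _, _value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), attrs


def audit_cookies(headers, sensitive=("sessionid", "csrftoken")):
    """Return (cookie_name, finding) pairs for cookies that are dropped or exposed."""
    findings = []
    for header in headers:
        name, attrs = parse_set_cookie(header)
        secure = "secure" in attrs  # flag attribute, present without a value
        samesite = attrs.get("samesite", "").lower()
        if samesite == "none" and not secure:
            findings.append((name, "SameSite=None without Secure: dropped by enforcing browsers"))
        elif name in sensitive and not secure:
            findings.append((name, "sensitive cookie sent without Secure"))
    return findings


# Constructed responses: before and after enabling the *_COOKIE_SECURE settings.
BEFORE = [
    "sessionid=abc123; Path=/; HttpOnly; SameSite=None",
    "csrftoken=def456; Path=/; SameSite=None",
]
AFTER = [
    "sessionid=abc123; Path=/; HttpOnly; Secure; SameSite=None",
    "csrftoken=def456; Path=/; Secure; SameSite=None",
]

if __name__ == "__main__":
    for label, headers in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_cookies(headers) or "ok")
```

To run it against a real deployment, feed it the `Set-Cookie` values from the login response instead of the constructed lists.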