-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Is there a technical reason why Microsoft doesn’t use IdentityServer4 with its implementation of the OpenId Connect and Oauth2 technologies. https://github.com/IdentityServer/IdentityServer4. They seem to be pushing it quite hard in Visual Studio and it appears to be designed for this very use case (cross domain authentication). Or do even they think it’s too overkill for GitHub ;)
- You should check for case sensitivity when reading `__Host` prefixed cookies, and verify the values against your expected format. It's possible for both `__HOST-Foo` and `__Host-Foo` cookies to exist, and only the `__Host` prefix requires the `Secure` and `HttpOnly` attributes [2]. In our case we strip all cookies at the edge using Varnish (VCL) to ensure no user-supplied cookies make it to our origin, and now we also ignore any "Secure" cookies that don't appear to have been set by our servers.
[1]: https://github.com/openresty/lua-nginx-module/pull/1654
[2]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Se...