SameSite Cookies

As per the new RFC for cookies, a new cookie attribute called SameSite is introduced. This attribute decides whether the cookies associated with a request are forwarded along with it when the request is cross-site.


The SameSite attribute accepts three values: lax, strict and none.

SameSite=lax
For HTTP methods like POST, PUT and DELETE, if the request originates from a cross site, cookies are blocked in the request.
For HTTP methods like GET and HEAD, if the request originates from a cross site, cookies are allowed along with the request.

SameSite=strict
Cookies are blocked if the request is a cross-site request.

For HTTP methods like POST, PUT and DELETE, if the request originates from a cross site, cookies are blocked in the request.
For HTTP methods like GET and HEAD, if the request originates from a cross site, cookies are blocked in the request.


SameSite=none

Cookies are allowed for all methods on cross-origin requests.

Some browsers mandate the Secure flag along with the none value.
This setting is called no restriction.


What is same site and cross site?

Example 1:
sample.test.com and sample.abc.com are cross site.

Example 2:
sample.test.com and abc.test.com are same site.

Example 3:
sample.abc.test.com and xyz.abc.test.com are same site.

Example 4:
sample.hyd.test.com and xyz.ind.test.com are same site as per the Chrome implementation.

The cookie Domain is not considered when deciding whether a request is same site or cross site.

Example
sample.hyd.test.com and xyz.ind.test.com are two sites whose cookie domain scope is 3.
This implies a cookie created for sample.hyd.test.com with cookie domain value .hyd.test.com and a cookie created for xyz.ind.test.com with cookie domain value ind.test.com.
When a request is made from sample.hyd.test.com to xyz.ind.test.com, it is treated as same site, and the ind.test.com domain cookie is forwarded to the xyz.ind.test.com site.
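
The rules and examples above, modelled as an added example (not code from any browser or from this page). Assumptions: "com" is the only public suffix, whereas browsers use the full Public Suffix List; the function names and the topLevelNavigation field are hypothetical. It goes slightly beyond the text by requiring a top-level navigation for the lax GET/HEAD case, which is how browsers apply that exception.

```javascript
// Added example: models the SameSite decision described above.
// Assumption: "com" is the only public suffix (browsers use the Public Suffix List).
const PUBLIC_SUFFIXES = new Set(["com"]);
const SAFE_METHODS = new Set(["GET", "HEAD"]);

// The "site" is the public suffix plus one label to its left.
function siteOf(host) {
  const labels = host.toLowerCase().split(".");
  for (let i = 0; i < labels.length; i++) {
    if (PUBLIC_SUFFIXES.has(labels.slice(i).join("."))) {
      return labels.slice(Math.max(i - 1, 0)).join(".");
    }
  }
  return host.toLowerCase(); // unknown suffix: treat the host itself as the site
}

function isSameSite(fromHost, toHost) {
  return siteOf(fromHost) === siteOf(toHost);
}

// Domain matching is a separate check from the same-site decision.
function domainMatches(cookieDomain, host) {
  const d = cookieDomain.replace(/^\./, "").toLowerCase();
  const h = host.toLowerCase();
  return h === d || h.endsWith("." + d);
}

// cookie: { domain, sameSite: "strict" | "lax" | "none", secure: boolean }
// req:    { fromHost, toHost, method, topLevelNavigation: boolean }
function cookieIsSent(cookie, req) {
  if (!domainMatches(cookie.domain, req.toHost)) return false;
  if (isSameSite(req.fromHost, req.toHost)) return true;
  switch (cookie.sameSite.toLowerCase()) {
    case "strict":
      return false; // never sent on cross-site requests
    case "lax":
      // Safe methods only, and only for top-level navigations.
      return SAFE_METHODS.has(req.method.toUpperCase()) && req.topLevelNavigation === true;
    case "none":
      return cookie.secure === true; // modelled as a browser that mandates Secure
    default:
      return false;
  }
}
```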












Working commands - day-to-day usage


Convert files from DOS to Unix line endings in the current folder
find . -type f -print0 | xargs -0 dos2unix

Convert files in a specific folder from DOS to Unix line endings
find /<foldername> -type f -print0 | xargs -0 dos2unix

Recursive permissions for a folder (777 gives read, write and execute to owner, group and others)
chmod -R 777 *
 

Create a tar archive
tar cvf test.tar *
where test.tar is the name of the file to be created.

Extract the tar archive
tar xvf test.tar
where test.tar is the file to be extracted.
 
 
Windows: recursive deletion of files
Delete files of a specific extension using Command Prompt
DEL /S /Q *.TMP
 

How to display the content of an SSL certificate

Printing a certificate
openssl.exe x509 -in <cer file> -text
openssl.exe x509 -in sample.cer -text

DER-formatted cert
openssl x509 -in <der file> -inform der -text

Both print the certificate as in the example below (printing a .cer file):
certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:16:3c:56:33:a6:4f:33:48:c5:b1:4f:17:d4:e8:49
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=sslcert.test.com
        Validity
            Not Before: Jan 15 11:09:04 2019 GMT
            Not After : Jan 15 11:09:04 2020 GMT
        Subject: CN=sslcert.test.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    8c:e6:52:18:6e:aa:33:0e:a7:c1:75:8a:bb:c5:93:
                    09:95:c5:48:e2:d8:cd:aa:27:22:bb:98:4a:b3:23:
                    15:43:90:75:7b:af:aa:c4:fa:8a:ab:bb:a7:02:5f:
                    bc:f2:74:2e:33:d8:cd:ac:6e:fd:a7:cd:62:33:c1:
                    7d:47:d8:cd:2a:36:6f:f7:93:a4:34:02:cf:ee:e9:
                    99:97:09:56:df:ab:dd:6e:41:72:df:77:ca:7f:b8:
                    55:7a:b3:03:2c:05:ba:5f:d4:60:6f:fa:fa:06:00:
                    40:94:1f:8f:33:33:3a:ec:b7
                Exponent: XXXX (0xX000X)
        X509v3 extensions:
            X509v3 Extended Key Usage:
                TLS Web Server Authentication
            X509v3 Key Usage:
                Digital Signature, Key Encipherment, Data Encipherment
    Signature Algorithm: sha1WithRSAEncryption
         9e:73:85:43:0f:0d:46:76:b6:75:7d:b0:a0:76:dd:fe:17:53:
         df:5f:8a:e2:d8:cd:65:t3:2b:9a:33:cd:53:81:c5:07:23:fa:
         30:7e:f8:27:03:19:10:1c:06:e4:88:59:70:48:ae:57:43:28:
         69:f6:1c:20:af:d3:59:46:d1:23:f4:e1:fb:b7:21:0a:73:4b:
         88:03:77:97:23:2a:36:6f:f7:93:ee:88:52:88:7d:f0:c6:55:
         90:5f:6f:3c:f7:3f:c6:bf:60:1a:5a:d1:29:ae:d3:db:92:2f:
         da:6d