Prevent cookie sharing between same subgroup
What does this MR do?
Prevent cookie sharing between same subgroup
We had already introduced cookie path, which was preventing cookie sharing in browser.
In this MR, we are checking cookie path with request path to prevent cookie sharing programmatically.
Duo has given good explanation here about the implementation.
Related: gitlab#538323
Changelog: added
TODO
-
Feature flag -
Added feature flag: -
This feature does not require a feature flag
-
-
I added the Changelogtrailer to the commits that need to be included in the changelog (e.g.Changelog: added) -
I added unit tests or they are not required -
I added acceptance tests or they are not required -
I added documentation (or it's not required) -
I followed code review guidelines -
I followed Go Style guidelines
Edited by Naman Jagdish Gala