What happened?
Hello,
When trying to use the antibot with turnstile to protect multiple subdomain i found that the cookie set for the challenge is restricted to host only or when looking at the set cookie there is no host so it default to host only.
I've tried to set the session name with SESSIONS_NAME variable and add COOKIE_FLAGS but cookie flag do touch the domain. (i use MULTISITE and all domain/sub are in SERVER_NAME )
So the effect is that if user pass antibot for on domain it will redo the check for the subdomain.
i didn't found any doc concerning that part.
best regards,
How to reproduce?
use antibot with turnstile on multiple subomain
Configuration file(s) (yaml or .env)
Relevant log output
BunkerWeb version
1.6.9
What integration are you using?
Docker
Linux distribution (if applicable)
No response
Removed private data
Code of Conduct
What happened?
Hello,
When trying to use the antibot with turnstile to protect multiple subdomain i found that the cookie set for the challenge is restricted to host only or when looking at the set cookie there is no host so it default to host only.
I've tried to set the session name with SESSIONS_NAME variable and add COOKIE_FLAGS but cookie flag do touch the domain. (i use MULTISITE and all domain/sub are in SERVER_NAME )
So the effect is that if user pass antibot for on domain it will redo the check for the subdomain.
i didn't found any doc concerning that part.
best regards,
How to reproduce?
use antibot with turnstile on multiple subomain
Configuration file(s) (yaml or .env)
Relevant log output
BunkerWeb version
1.6.9
What integration are you using?
Docker
Linux distribution (if applicable)
No response
Removed private data
Code of Conduct