Skip to content
This repository has been archived by the owner on Sep 5, 2024. It is now read-only.

Enable support for samesite=none #142

Open
wants to merge 3 commits into
base: master
Choose a base branch
from

Conversation

CriGoT
Copy link

@CriGoT CriGoT commented Nov 4, 2019

Updates cookies to version 0.8.* to enable using samesite=none in preparation for the upcoming change in defaults in Chrome and other browsers ref

@literakl
Copy link

literakl commented Aug 7, 2020

What is the impact of ignoring this merge request? The time when Chrome will change its behaviour is very close.

@octopicorn
Copy link

What is the impact of ignoring this merge request? The time when Chrome will change its behaviour is very close

The impact seems to be that all cookies will be forced to samesite=lax when using Chrome now, since we can't set this property. Is there any reason this is still waiting for merge?

@bernardbaker
Copy link

@literakl @CriGoT @octopicorn apologies for being frank. But what's happening with this merge? I'm stuck with the older version which doesn't support SameSite. Leaving me with LAX on my app. Which has a front end in Netlify and the backend Express server on Heroku (cross - domain).

@chris-codaio
Copy link

I just ran into this myself trying to build support for hosting our site in an iframe (requiring a SameSite=none cookie). Would love to see this update go through.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants