Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Chrome Console SameSite Cookie Attribute Warning

Tags:

google-chrome

google-chrome-devtools

google-chrome-extension

Is anybody else getting this Chrome console warning?

A cookie associated with a cross-site resource at was set without the SameSite attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with SameSite=None and Secure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at and .

In Chrome Flags chrome://flags/ I've tried disabling both:

  • SameSite by default cookies

  • Cookies without SameSite must be secure

And the warning won't go away.

like image 348
Tom Shaw Avatar asked Oct 03 '19 01:10

Tom Shaw

People also ask

How do I enable SameSite cookies in Chrome?

Enable the new SameSite behavior If you are running Chrome 91 or newer, you can skip to step 3.) Go to chrome://flags and enable (or set to "Default") both #same-site-by-default-cookies and #cookies-without-same-site-must-be-secure. Restart Chrome for the changes to take effect, if you made any changes.

How do you set a cookie with SameSite attribute?

To prepare, Android allows native apps to set cookies directly through the CookieManager API. You must declare first party cookies as SameSite=Lax or SameSite=Strict , as appropriate. You must declare third party cookies as SameSite=None; Secure .

How do I get rid of SameSite by default cookies in Chrome?

Go to chrome://flags/ then search cookies in the search box, there should be 4 options. Check Enable removing SameSite=None cookies and Consider SameParty cookies to be first-party sections.

How do I turn off SameSite in Chrome?

In Chrome do the following: Type chrome://flags in the browser address box and hit enter Type cook in the search flags box Change SameSite by default cookie setting to Disabled Click relaunch button in the lower right corner.

1 Answers

This is something that the third-party cookie setters (like Stripe) need to handle on their end.

I reached out to Stripe because I was getting this message for Stripe payments.

Stripe support response:

It looks like we're already tracking this internally as this warning comes from Stripe.js, not from react-stripe-elements. For now this is a warning and won't affect payments, and we're working on a fix which will eliminate this message and be compatible with Chrome's upcoming cookie-handling changes.

(Me) So, it's all on your end? I don't need to do anything?

No, this is something we have to get worked out on our end.

Oh, if you're a developer at Stripe/Facebook/Pinterest/so-forth, this answer won't work for you ;)

like image 121
user984003 Avatar answered Sep 23 '22 18:09

user984003
Sign in to Comment

Related questions

Unexpected token ILLEGAL in webkit
Restoring console.log()
What is the source of the double-dollar sign selector query function in Chrome/Firefox?
Searching for HTML elements in Chrome DevTools
Setting the value of 'dataURL' exceeded the quota
How to develop Chrome extension for Gmail?
What is the experience with Google 'Omaha' (their auto-update engine for Chrome)?
How to inspect JavaScript function return value in Chrome debugger?
CORS request - why are the cookies not sent?
Replay HTTP POST in google chrome Developer
Chrome DevTools converts all HEX Colors to RGB
Chrome: Source of Post Data?
Where does Chrome store cookies?
Any way to start Google Chrome in headless mode?
How do I copy cookies from Chrome?
I am not emulating mobile devices. How do I disable the Chrome DevTools device emulator?
Why is Chrome showing a "Please Fill Out this Field" tooltip on empty fields?
Google chrome css doesn't update unless clear cache
Using Google Chrome to debug and edit javascript embedded in HTML page
Debug tampermonkey script

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!