Codeigniter 3 SameSite attribute for csrf protection

Question

I have applications that make CORS calls to each other. Google in April 2020 will need SameSite cookies = none. https://www.chromestatus.com/feature/5633521622188032

Since chrome version 80+ all user that use chrome browser impact this csrf error. how to fix this problem on Codeigniter framework that using PHP 7.3

Answer 1

I had this same problem but my PHP 7.2 and my CI 3.X. The problem was solved by making the following change to the applications / config / config.php file

$config['cookie_prefix']    = '';
$config['cookie_domain']    = ''; 
$config['cookie_path']      = '/; SameSite=None';
$config['cookie_secure']    = TRUE;
$config['cookie_httponly']  = FALSE;