I have a website which requires authentication from another site to log in. Both are different domains.
I have enabled the SameSite by default cookies flag from chrome://flags, just to check how Chrome's new update affects my website.
It is working perfectly in my deployed site. But when I try to run the same in my localhost, I am not able to log in. I lost my third-party cookies.
It would be great if someone could explain the reason.
SameSite=None requires Secure
The warning appears because any cookie that requests SameSite=None but is not marked Secure will be rejected. To fix this, you will have to add the Secure attribute to your SameSite=None cookies. A Secure cookie is only sent to the server with an encrypted request over the HTTPS protocol.
In Chrome do the following: Type chrome://flags in the browser address box and hit Enter. Type cook in the search flags box. Change the SameSite by default cookies setting to Disabled. Click the Relaunch button in the lower right corner.
Resolve this issue by updating the attributes of the cookie: Specify SameSite=None and Secure if the cookie is intended to be set in cross-site contexts. Note that only cookies sent over HTTPS may use the Secure attribute.
Go to chrome://flags/, then search for cookies in the search box; there should be 4 options. Check the Enable removing SameSite=None cookies and Consider SameParty cookies to be first-party sections. Maybe it helps.
Unfortunately, all cookies with SameSite=None must have a Secure parameter as well. Since you are unlikely to run HTTPS on your development server, this means your cookies won't work because the cookies are not sent over HTTPS.
The only workaround I am currently aware of is to check your environment, and set the cookies with SameSite=Lax for your development environment, and to SameSite=None; Secure for production.
In Express, you could use the secure parameter to check if you are running on HTTPS, and then set your cookie as follows:
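    // Inside an Express route handler, where req and res are in scope.
    // req.secure is true when the request arrived over HTTPS.
    const {secure} = req;
    res.cookie('key', 'contents', {
      secure,
      httpOnly: true,
      // SameSite=None is only accepted together with Secure, so fall back to Lax over HTTP.
      sameSite: secure ? 'None' : 'Lax',
    });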
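The rules the answers above describe can be checked against a server's Set-Cookie headers before deploying. The following is an added example, not code from the original posts: `parseSetCookie` and `auditCrossSiteCookie` are hypothetical helper names, the sample headers are constructed, and the model is simplified to the three rules named in the comments.

```javascript
// Parse one Set-Cookie header value into the attributes that matter here.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((part) => part.trim());
  const cookie = { name: pair.split('=')[0], secure: false, sameSite: null };
  for (const attr of attrs) {
    const [key, value = ''] = attr.split('=');
    const k = key.trim().toLowerCase();
    if (k === 'secure') cookie.secure = true;
    if (k === 'samesite') cookie.sameSite = value.trim().toLowerCase();
  }
  return cookie;
}

// Verdict for a cookie that is meant to be used cross-site (third-party).
// secureTransport: true when the response was delivered over HTTPS.
function auditCrossSiteCookie(header, secureTransport) {
  const c = parseSetCookie(header);
  // Rule 1: a missing or unrecognised SameSite is treated as Lax by default.
  const mode = ['none', 'lax', 'strict'].includes(c.sameSite) ? c.sameSite : 'lax';
  // Rule 2: SameSite=None is rejected unless Secure is also present.
  if (mode === 'none' && !c.secure) {
    return { name: c.name, ok: false, reason: 'SameSite=None without Secure is rejected' };
  }
  // Rule 3: Secure cookies are tied to HTTPS.
  if (c.secure && !secureTransport) {
    return { name: c.name, ok: false, reason: 'Secure cookie needs HTTPS' };
  }
  if (mode !== 'none') {
    return { name: c.name, ok: false,
      reason: `SameSite=${mode} cookies are withheld from cross-site subrequests` };
  }
  return { name: c.name, ok: true, reason: 'sent cross-site over HTTPS' };
}

// Constructed sample headers: [Set-Cookie value, served over HTTPS?]
const samples = [
  ['session=abc; HttpOnly', false],
  ['session=abc; SameSite=None; HttpOnly', false],
  ['session=abc; SameSite=None; Secure; HttpOnly', false],
  ['session=abc; SameSite=None; Secure; HttpOnly', true],
];
for (const [header, https] of samples) {
  const verdict = auditCrossSiteCookie(header, https);
  console.log(https ? 'https' : 'http ', header, '->', verdict.ok, verdict.reason);
}
```

Only the last sample passes, which matches the behaviour in the question: the same cookie that works on the HTTPS deployment fails on a plain-HTTP development server.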