Menu
When redirected back to my site from the third party site user session becoming empty. I have checked Response.Cookies["ASP.NET_SessionId"]; sets new value after redirect. By default, ASP.NET_SessionId it sets as Lax. Any possible way to change SameSite value in Session_Start of .net framework 4.5.2 or possible anywhere?
204
If you’re on .Net 4.7 or higher, Microsoft supports setting SameSite to None. The official recommendation is that if you want to use SameSite None, then you need to move up to .Net 4.7.2, which if you are able, you should absolutely do.
In this article .NET Framework 4.7 has built-in support for the SameSiteattribute, but it adheres to the original standard. The patched behavior changed the meaning of SameSite.Noneto emit the attribute with a value of None, rather than not emit the value at all.
A value of None means "Emit the attribute with a value of None ". A SameSite value of (SameSiteMode) (-1) causes the attribute not to be emitted. The default SameSite value for forms authentication and session state cookies was changed from None to Lax. Summary of change impact on browsers
You can revert the updated sameSite behavior in .NET Framework apps to its previous behavior where the sameSite attribute is not emitted for a value of None, and revert the authentication and session cookies to not emit the value.
Couple options to work around this constraint with older versions of the .net framework
HttpContext.Current.Response.Headers.Append("set-cookie", $"{key}={value}; path=/; SameSite=Strict; Secure");
Is one option for setting the headers manually with the SameSite defined. Above, key is the cookie name, value is the cookie value
Alternatively:
myCookie.Path = "/; SameSite=Strict; Secure";
I've tested these options, both appear to work
Values listed above are for examples only, you will need to supply the appropriate values [Lax|Strict|None|etc]. The Secure flag indicates that its transmitted over https only. Ymmv
90
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
