Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to solve `SameSite` attribute

Tags:

html

php

I looked at the console and noticed these warnings

A cookie associated with a cross-site resource at http://google.com/ was set without the SameSite attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with SameSite=None and Secure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.

How to solve it?

like image 788
Tiago Avatar asked Oct 03 '19 01:10

Tiago


People also ask

How do you resolve the SameSite problem?

The warning appears because any cookie that requests SameSite=None but is not marked Secure will be rejected. To fix this, you will have to add the Secure attribute to your SameSite=None cookies. A Secure cookie is only sent to the server with an encrypted request over the HTTPS protocol.

How do I use SameSite attributes?

The SameSite attribute tells browsers when and how to fire cookies in first- or third-party situations. SameSite is used by a variety of browsers to identify whether or not to allow a cookie to be accessed.

How do you resolve this issue by updating the attributes of the cookie?

Resolve this issue by updating the attributes of the cookie: Specify SameSite=None and Secure if the cookie is intended to be set in cross-site contexts. Note that only cookies sent over HTTPS may use the Secure attribute.

How do I add attributes to SameSite cookie?

To prepare, Android allows native apps to set cookies directly through the CookieManager API. You must declare first party cookies as SameSite=Lax or SameSite=Strict , as appropriate. You must declare third party cookies as SameSite=None; Secure .


1 Answers

A solution that worked for me:

If you are using PHP, add this line to the beginning

header('Set-Cookie: cross-site-cookie=name; SameSite=None; Secure');


Update Here is a useful resource including examples in JavaScript, Node.js, PHP, and Python
https://github.com/GoogleChromeLabs/samesite-examples
like image 67
Josh Stovall Avatar answered Oct 06 '22 23:10

Josh Stovall