I have an app that lists different in-house and third party apps. There are some apps that are opened in iframe within my app and some of them are SSO enabled. Recently after chrome update to version 84.0.4147.125 the SSO login stopped working for apps in iframe, its working fine when opened in a new browser window.
This behavior isn't occurring in any other browser except Chrome, can any one assist me with this?
The iFrame has not configured – see suggestions in console – iFrame is most likely disabled. Your browser does not support frames, so you will not be able to view this page – You are using a browser that doesn't support iFrame. iFrame not loading in Chrome unless the window is resized – Resize the window to load iFrame.
On the left, click SettingsUnder Single sign-on cookie behavior, select Enable transfer of SAML SSO cookies into user session during sign-in from the list. For more details, see Set Chrome device policies. Click Save.
It works in all browsers except for Chrome. Set secure:false or secure:true for the cookie. Set sandbox="allow-same-origin allow-scripts" for the iframe, or remove the sandbox attribute.
Certain cookies are set without the SameSite
attribute.
They must be been blocked, as newer version of Chrome now only delivers cookies with cross-site requests if they are set with SameSite=None
and Secure
To validate this, you can set Chrome flag chrome://flags/#same-site-by-default-cookies
as Disabled
SameSite=None
and Secure
if the cookie should be sent in cross-site requests. This enables third-party use.SameSite=Strict
or SameSite=Lax
if the cookie should not be sent in cross-site requestsIf you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With