samesite

SameSite=None not working on Chrome incognito?

痞子三分冷 提交于 2020-12-08 13:10:28
问题 I visited this site: https://samesite-sandbox.glitch.me/ both on normal and incognito Chrome window. This happens 100% of the time both on Mac Chrome and Android Chrome. Incognito had no extensions enabled. Is this a bug? Is there a workaround? Chrome version: 84.0.4147.105 Here's the incognito result: Here's the result on non-incognito window: 回答1: Actually just found the solution From this site: https://www.chromium.org/updates/same-site/test-debug If you are testing in Incognito Mode, be

Python session SAMESITE=None not being set

坚强是说给别人听的谎言 提交于 2020-12-06 07:19:10
问题 I am having issues with chrome and SameSite. I am serving a webpage in a shopify iframe and when setting the session using flask-login, chrome tells me this: A cookie associated with a cross-site resource at URL was set without the SameSite attribute. It been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with SameSite=None and Secure . Secure is set, but I tried to set SameSite in all the possible way, but without effect. I tried setting app.config[

Samesite for jessessionId cookie can be set only from response

你。 提交于 2020-11-29 23:44:20
问题 I am trying to set samesite none; secure for my jsessionid cookie from java filter . I have added this in response set cookie header.After this change the request cookie jsessionId is same . In the response the jsessionId is modified with Samesite attribute None and secure. Will it work if the request jsessionId cookie remains unchanged. 回答1: A call to ServletResponse methods: sendError, getWrite.flush(), sendRedirect, getOutputStream.Flush commits the response, meaning the status code and
订阅 samesite