问题
Found DAST scan error "Cookie Without SameSite Attribute" on Frond end application
Front end application build on node js and React js.
I can see the cookie are added back in response object in browser.
Set-Cookie: bm_sv=fdafdfsdfasffasdfsafsdfsafasffsadffdsfsfasfsdfsfxvxgdhgfwefw; Domain=.xxxxx.co.uk; Path=/; Max-Age=7003; HttpOnly
Error clearly showing that it will be clear by adding "Samesite" Attribute in cookie. I used cookie-session node module and added configuration like below. but it does not work
app.use(cookieSession({ name: 'mycookie', secret: 'myscret', cookie: { secure: true, httpOnly: true, maxAge: 86400000, sameSite: 'None' }, }));
Sorry if i am not clearly elaborate the question. Please free to ask if you do not understand question
来源:https://stackoverflow.com/questions/65702476/how-to-set-the-samesite-attribute-on-bm-sv-cookie