Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Disable SameSite setting for session cookies
The php session cookie should not have the samesite lax or strict setting. As this would prevent the session cookie from being present when the remote azure mfa idp sends back a SAML response. So it is set to the for now advisable 'none' setting. Combined with the secure setting, this will be accepted by modern browsers. See: https://www.pivotaltracker.com/story/show/171721565 symfony/symfony#31475
- Loading branch information