Considering adding proprietary cookies good practices as Chrome make big changes on cookies in 2024

[teotimepacreau]

Prerequisites

• I have written a descriptive issue title
• I have searched existing issues to ensure the feature has not already been requested

🚀 Feature Proposal

Third party cookies won't be supported anymore as 2024 Chrome said

Chrome recommend good practices even for proprietary cookies to ensure it continues to work for session but for now theses options are unsupported in fastify-secure-session :

• secure: true
• __Host-cookie-name=cookie-value
• SameSite=Strict || Lax

Motivation

ensure session cookies for the plugin remain practicable

Example

app.register(fastifySecureSession, {
    **_secure: true,
    __Host-cookie-name=cookie-value
    SameSite=Strict_**
    cookieName: 'session',
    key: readFileSync(join(rootDir, 'secret-key')),
    cookie: {
        path: '/',
    }
})

[mcollina]

Thanks for reporting! Would you like to send a Pull Request to address this issue? Remember to add unit tests.

[Uzlopak]

If somebody wants to implement this feature request, he/she should orientate himself/herself on the following PR of @fastify/session.

fastify/session#226