You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The SameSite patch in #165 and #170 forgot to initialize SameSite to a value in the default path.
I think the intent was to initialize it to http.SameSiteDefaultMode.
Currently this results in the following error in Firefox Developer Tools
Cookie “id” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the “secure” attribute. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
The text was updated successfully, but these errors were encountered:
@martinlindhe The http.SameSiteDefaultMode would still result in cookie being dropped because default mode will not add SameSite.
I am leaning towards defaulting SameSite to http.SameSiteLaxMode inside cookie store initializer (NewCookieStore). Along with this it should be clearly documented through an example that this option is configurable.
The SameSite patch in #165 and #170 forgot to initialize SameSite to a value in the default path.
I think the intent was to initialize it to http.SameSiteDefaultMode.
Currently this results in the following error in Firefox Developer Tools
The text was updated successfully, but these errors were encountered: