polis icon indicating copy to clipboard operation
polis copied to clipboard

Published 20 hours ago verified publisher icon compdemocracy

Cookies not being properly handled for embedded conversations

Open daveey opened this issue 2 years ago • 1 comments

I'm running an embedded polis conversation on https://sfvoices.org and state handling appears to be broken

Expected behavior:

User visits https://sfvoices.org and answers a few questions. Hits reload, and expects fewer remaining questions.

Actual behavior:

After hitting reload, the state is fully reset, and the user is asked to answer the same questions again

To Reproduce:

Visit https://sfvoices.org , answer a few questions. Watch the "remaining questions" count decrement. Hit "reload". See the number reset.

Device information: Tried in Chrome on Mac and Windows.

daveey avatar Mar 23 '22 19:03 daveey

I believe the cause is the change to Chrome on SameSite cookie handling. See:

https://developers.google.com/search/blog/2020/01/get-ready-for-new-samesitenone-secure

The fix should be simple. Set "SameSite=None; Secure" on secure cookies. I tested this manually by setting SameSite=None in my JS console, and the votes persisted after reload.

daveey avatar Apr 04 '22 19:04 daveey