codimd icon indicating copy to clipboard operation
codimd copied to clipboard

Published 20 hours ago verified publisher icon hackmdio

Set Lax for the SameSite attribute on cookies

Open mic4ael opened this issue 4 years ago • 4 comments
trafficstars

mic4ael avatar Apr 01 '21 08:04 mic4ael

Can anyone have a look at this?

mic4ael avatar Jul 19 '21 07:07 mic4ael

Actually, this requires a new release of js-cookie so changing it to a Draft PR.

mic4ael avatar Jul 19 '21 10:07 mic4ael

Hi @mic4ael,

Thanks for opening this PR. I think this will take some time to review if case we missed any cookie not been set to Lax. Also, I'm wondering is there any way we can migrate existing cookie to Lax or the only way is ask user to sign out and sign in again.

jackycute avatar Oct 10 '21 04:10 jackycute

Hi @mic4ael,

Thanks for opening this PR. I think this will take some time to review if case we missed any cookie not been set to Lax. Also, I'm wondering is there any way we can migrate existing cookie to Lax or the only way is ask user to sign out and sign in again.

Shouldn't this be done by the browser? If the server sends an updated cookie, I would assume that the browser updates it appropriately.

mic4ael avatar Oct 11 '21 09:10 mic4ael