rdmo icon indicating copy to clipboard operation
rdmo copied to clipboard

Published 20 hours ago verified publisher icon rdmorganiser

Our cookie 'storeid' needs a value for the SameSite attribute

Open MyPyDavid opened this issue 1 year ago • 0 comments

Description / Beschreibung

Currently, in my local debug environment I get a warning in the Mozilla Development Browser about the SameSite attribute:

Cookie “storeid” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite

Before I got the CSRF token error in Chrome and thought it was related to the cookie warning, see https://github.com/js-cookie/js-cookie/issues/846 for example.

Expected behaviour / Erwartetes Verhalten

  • our cookie storeid should not get any warnings and get the appropriate attributes

Context / Kontext

Local Debug, 2.1.2

References / Verweise

  • https://github.com/rdmorganiser/rdmo/blob/9358d2b6753d9111bc58b5576d246df498e52c17/rdmo/management/views.py#L27

MyPyDavid avatar Jan 18 '24 15:01 MyPyDavid