Re: SameSite cookies shows as "Unset" but Header shows Correct Value

2020-03-11 Thread M. Manna
Just to confirm, we know that Chrome will block JSESSIONID it if sent over unsecure connection and with SameSite=None. But we saw the previously mentioned issue in Firefox. Thanks, On Wed, 11 Mar 2020 at 15:33, M. Manna wrote: > Hi All, > > Due to the recent issues with Chrome 80, we have had t

SameSite cookies shows as "Unset" but Header shows Correct Value

2020-03-11 Thread M. Manna
Hi All, Due to the recent issues with Chrome 80, we have had to make some changes for our context.xml to have SameSite attribute setup for CookieProcessor What we've noticed is that even though CookieProcessorBase captures and assigns the correct value (e.g. "None" or "Lax"), the Network tab of b

Re: SameSite cookies

2019-11-08 Thread Christopher Schultz
h...@christopherschultz.net> wrote: > > All, > > I'm looking at using "samesite" cookies within my application. It > looks as simple as setting the "sameSite" attribute appropriately > on the CookieProcessor for the , which isn't there in a > d

Re: SameSite cookies

2019-11-08 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 11/8/19 11:53, Mark Thomas wrote: >> All, >> >> I'm looking at using "samesite" cookies within my application. >> It looks as simple as setting the "sameSite" attribute >> approp

Re: SameSite cookies

2019-11-08 Thread Mark Thomas
> All, > > I'm looking at using "samesite" cookies within my application. It > looks as simple as setting the "sameSite" attribute appropriately on > the CookieProcessor for the , which isn't there in a default > configuration. So you just have t

Re: SameSite cookies

2019-11-08 Thread Rémy Maucherat
On Fri, Nov 8, 2019 at 4:04 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > All, > > I'm looking at using "samesite" cookies within my application. It > looks as simple as setting the &

Re: SameSite cookies

2019-11-08 Thread M. Manna
< ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > All, > > I'm looking at using "samesite" cookies within my application. It > looks as simple as setting the "sameSite" attribute appropriately on >

SameSite cookies

2019-11-08 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I'm looking at using "samesite" cookies within my application. It looks as simple as setting the "sameSite" attribute appropriately on the CookieProcessor for the , which isn't there in a default configurati