Menu
▾
▴
Re: [naviserver-devel] Cookie Same-Site "None"
|
From: Wolfgang W. <wol...@di...> - 2020-09-01 08:18:39
|
Dear Gustaf, thanks for the speedy fix. We've cherry picked the commit for 4.99.19 and it works flawlessly. Cookie handling has become a catch up game lately, as browser vendors are getting more and more creative without a proper standardization process. Regards, wiwo Am 31.08.20 um 12:54 schrieb Gustaf Neumann: > Wolfgang, > > you are right, explicit setting of same-site=none is necessary now. > > In previous versions of browsers, no explicit setting > of the same-site flag was exactly the same as explicit setting > (an implicit default of same-site=none) > > Since some browsers switched to a default of "lax", explicit > setting became necessary. > > Fixed now on bitbucket. > > -gn > > PS: it is not developer-friendly that the behavior is changed > on the fly.... On the client site, the disruptive behavior > change was intended, so changing the default value on the > server is probably not good - and is left unchanged. > > > > _______________________________________________ > naviserver-devel mailing list > nav...@li... > https://lists.sourceforge.net/lists/listinfo/naviserver-devel -- *Wolfgang Winkler* Geschäftsführung wol...@di... mobil +43.699.19971172 dc:*büro* digital concepts Novak Winkler OG Software & Design Landstraße 68, 5. Stock, 4020 Linz www.digital-concepts.com <http://www.digital-concepts.com> tel +43.732.997117.72 tel +43.699.1997117.2 Firmenbuchnummer: 192003h Firmenbuchgericht: Landesgericht Linz |
