This repository has been archived by the owner on Dec 7, 2020. It is now read-only.
SameSite setting as None does not works #676
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
SameSite setting as None does not works
Summary
https://www.chromium.org/updates/same-site
The chrome enforce change samesite default value from None to Lax at Jul 28th.
by checking the behaviour and code, this proxy handle the value None as not set.
Please kindly check the the pasted code and screenshot.
https://github.com/louketo/louketo-proxy/blob/master/cookies.go#L59
as the code showing,
if r.config.SameSiteCookie is None.
no switch case mapped to set cookie.SameSite.
Now, the None is not default samesite value anymore in chrome.
if this value is not set, the cross-site request would not be able to get cookies.
and according to the current code, there is no way to change it into None as we hope.
Actual Results
when
--same-site-cookie=None
then
no SameSite set in cookies
Expected result
when
--same-site-cookie=None
then
the cookie would be SameSite=None
Would you mind consider fix this problem as soon as possible? it is largely impact the visit of our services.
The text was updated successfully, but these errors were encountered: