Where to add `SameSite=None`?
P粉652523980
P粉652523980 2023-08-27 21:20:48
0
2
605
<p>The following code appears on my site and I can't make sense of this despite my best efforts, so I have a few questions, please read on. </p> <p><code>category-search-Forum:1 The cookie associated with the cross-site resource at https://www.google.com/ was set without the 'SameSite' attribute. It has been blocked because Chrome now only passes cookies with cross-site requests if "SameSite=None" and "Secure" are set. You can view cookies and see more details in Developer Tools under Application > Storage > Cookies: https://www.chromestatus.com/feature/5088147346030592 and https:/ /www.chromestatus.com/feature/5633521622188032.</code></p> <p>I saw a lot of people talking about this on stack and other places online, but no one explained exactly how to add <code>SameSite=None</code>. </p> <h1>1 question: How or where do I add <code>SameSite=None</code>? </h1> <p>View errors to learn what "safe" is</p> <p>Does this mean <code>SameSite=Secure</code>? </p> What is the difference between <p><code>SameSite=None</code> and <code>SameSite=Secure</code>? </p>
P粉652523980
P粉652523980

reply all(2)
P粉063862561

I had a similar problem on my Electron application/browser side

  • fetch's credentials: 'omit' solved the warning issue for me
// Example
await fetch('https://example.com', {credentials: 'omit'});

I am writing here because this is the first link in Google and I believe it will help people like me; xoxoxo

P粉343408929

As discussed here: https://blog. chromium.org/2019/10/developers-get-ready-for-new.html

This is actually a server-side problem. What it means is that you are using a resource from another site (most commonly JS or CSS), and that server is trying to set a cookie; however, it does not set the SameSite attribute.

The reason for this is:

Since your post does not define whether you are working on the server side or client side, my assumption is that you are working on the client side and, therefore, there is nothing you can do since the resource needs to update it. However, if you are doing server-side development, here is a list of resources in different languages: https://github .com/GoogleChromeLabs/samesite-examples

TLDR;If you are a client developer, this is because the linked resource does not have this setting, and there is nothing you can do about it. If you are a server-side developer, check out the github link for examples on how to fix this for your site.

Edit: If you just want to remove the message, the solution is discussed here: Chrome Console SameSite Cookie Property Warning, you can deprecate the message via chrome://flags Cookie DisableDisable them.

Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template