[Koha-devel] Bug 26019 and SameSite cookie attribute
Owen Leonard
oleonard at myacpl.org
Mon Feb 7 00:49:46 CET 2022
There has been some discussion on Bug 26019 about how to handle the
changing ways browsers are handling the "SameSite" attribute in
cookies:
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=26019
There doesn't seem to be a consensus on how to proceed, and I guess
part of the question is whether there should be options for setting an
attribute other than "Lax."
I propose that a logical first step would be to explicitly set
SameSite to "Lax" for the cookies we currently set without a SameSite
attribute, since browsers have been assuming "Lax."
I'd be happy to work on such a patch because I'm tired of seeing the
warnings in the browser console while I'm trying to hunt down jQuery
upgrade issues.
Please weigh in!
Thanks,
Owen
--
Web Developer
Athens County Public Libraries
(740) 737-6006
https://www.myacpl.org
More information about the Koha-devel
mailing list