[Koha-devel] Bug 26019 and SameSite cookie attribute
Katrin Fischer
katrin.fischer.83 at web.de
Mon Feb 7 21:39:51 CET 2022
+1
Thanks, Owen!
On 07.02.22 00:49, Owen Leonard wrote:
> There has been some discussion on Bug 26019 about how to handle the
> changing ways browsers are handling the "SameSite" attribute in
> cookies:
>
> https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=26019
>
> There doesn't seem to be a consensus on how to proceed, and I guess
> part of the question is whether there should be options for setting an
> attribute other than "Lax."
>
> I propose that a logical first step would be to explicitly set
> SameSite to "Lax" for the cookies we currently set without a SameSite
> attribute, since browsers have been assuming "Lax."
>
> I'd be happy to work on such a patch because I'm tired of seeing the
> warnings in the browser console while I'm trying to hunt down jQuery
> upgrade issues.
>
> Please weigh in!
>
> Thanks,
>
> Owen
>
More information about the Koha-devel
mailing list