Hi all
I am getting warnings in firefox developer tools when running
WebObjects/Wonder application.
Cookie “wosid” does not have a proper “SameSite” attribute
value. Soon, cookies without the “SameSite” attribute or with an
invalid value will be treated as “Lax”. This means that the
cookie will no longer be sent in third-party contexts. If your
application depends on this cookie being available in such
contexts, please add the “SameSite=None“ attribute to it. To
know more about the “SameSite“ attribute, read
https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
I am getting the same warning for "wosid", "woinst" and
"routeid_myapp" cookies.
It looks like I can set properties
er.extensions.ERXSession.cookies.SameSite=strict
er.extensions.ERXSession.useSecureSessionCookies=true
and that fixes the "wosid" and "woinst" cookies but not the
"routeid_myapp" cookie.
I can override ERXApplication.addBalancerRouteCookie(WOContext
context) to apply the same settings but this seems like a bit of a
hack considering the elegant solution available for the other two
cookies. What are other people doing?
Cheers
Tim
|