Skip to content
This repository was archived by the owner on Dec 7, 2020. It is now read-only.
This repository was archived by the owner on Dec 7, 2020. It is now read-only.

SameSite setting as None does not works #676

Open
Open
SameSite setting as None does not works#676
@johnchen05

Description

@johnchen05
johnchen05
opened on Aug 4, 2020

SameSite setting as None does not works

Summary

https://www.chromium.org/updates/same-site
The chrome enforce change samesite default value from None to Lax at Jul 28th.
by checking the behaviour and code, this proxy handle the value None as not set.
Please kindly check the the pasted code and screenshot.
https://github.com/louketo/louketo-proxy/blob/master/cookies.go#L59
CB1DC162-A11C-4760-A5AB-705D272E47D9_4_5005_c
as the code showing,
if r.config.SameSiteCookie is None.
no switch case mapped to set cookie.SameSite.
Now, the None is not default samesite value anymore in chrome.
if this value is not set, the cross-site request would not be able to get cookies.
and according to the current code, there is no way to change it into None as we hope.

Actual Results

when
--same-site-cookie=None
then
no SameSite set in cookies

Expected result

when
--same-site-cookie=None
then
the cookie would be SameSite=None

Would you mind consider fix this problem as soon as possible? it is largely impact the visit of our services.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions