Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

What's this about?

In February 2020, the Chrome browser will be making some changes on how it handles cookies in cross-site requests. In this document we provide some technical details about these changes.

Tip
titleActions on your side

Check whether your are impacted by these changes, in particular regarding any integrations you may have with Secutix, and that you are taking the required actions on your side.

...

If you are using cookies in your integration with Secutix, you need to ensure they satisfy the new default Chrome settings to ensure they continue to reach your application as expected.Further details about the Chrome switch can be found here: https://blog.chromium.org/2019/10/developers-get-ready-for-new.htmlFor official specifications of the cookie “SameSite” attribute see: https://tools.ietf.org/html/draft-west-first-party-cookies-07


How to test

  1. To test the effect of the new Chrome behavior on your site or cookies you manage, you can go to chrome://flags in Chrome 76+ and enable the “SameSite by default cookies” and “Cookies without SameSite must be secure” experiments. Restart the browser for the changes to take effect.
  2. Test your site with a focus on anything involving federated login flows, multiple domains, or cross-site embedded content.
  3. Finally, if you’re concerned about the readiness of vendors and others who provide services to your website, you can check for Developer Tools console warnings when a page contains cross-site cookies that are missing the required settings.Image Modified

Further details about the Chrome switch can be found here: https://blog.chromium.org/2019/10/developers-get-ready-for-new.html

For official specifications of the cookie “SameSite” attribute see: https://tools.ietf.org/html/draft-west-first-party-cookies-07