简体中文(ZH-CN)English(EN)繁体中文(ZH-TW)日本語(JA)한국어(KO)Melayu(MS)Français(FR)Deutsch(DE)
Home
Article
Q&A
Course
Topic
Download
Game
Dictionary
Recent Updates

Home  >  Q&A  >  body text

Where to add `SameSite=None`?

<p>The following code appears on my site and I can't make sense of this despite my best efforts, so I have a few questions, please read on. </p> <p><code>category-search-Forum:1 The cookie associated with the cross-site resource at https://www.google.com/ was set without the 'SameSite' attribute. It has been blocked because Chrome now only passes cookies with cross-site requests if "SameSite=None" and "Secure" are set. You can view cookies and see more details in Developer Tools under Application > Storage > Cookies: https://www.chromestatus.com/feature/5088147346030592 and https:/ /www.chromestatus.com/feature/5633521622188032.</code></p> <p>I saw a lot of people talking about this on stack and other places online, but no one explained exactly how to add <code>SameSite=None</code>. </p> <h1>1 question: How or where do I add <code>SameSite=None</code>? </h1> <p>View errors to learn what "safe" is</p> <p>Does this mean <code>SameSite=Secure</code>? </p> What is the difference between <p><code>SameSite=None</code> and <code>SameSite=Secure</code>? </p>
P粉652523980P粉652523980441 days ago576

reply all(2)I'll reply

  • P粉063862561

    P粉0638625612023-08-28 20:33:46

    I had a similar problem on my Electron application/browser side

    • fetch's credentials: 'omit' solved the warning issue for me
    // Example
await fetch('https://example.com', {credentials: 'omit'});

    I am writing here because this is the first link in Google and I believe it will help people like me; xoxoxo

    reply
    0
  • P粉343408929

    P粉3434089292023-08-28 09:07:54

    As discussed here: https://blog. chromium.org/2019/10/developers-get-ready-for-new.html

    This is actually a server-side problem. What it means is that you are using a resource from another site (most commonly JS or CSS), and that server is trying to set a cookie; however, it does not set the SameSite attribute.

    The reason for this is:

    Since your post does not define whether you are working on the server side or client side, my assumption is that you are working on the client side and, therefore, there is nothing you can do since the resource needs to update it. However, if you are doing server-side development, here is a list of resources in different languages: https://github .com/GoogleChromeLabs/samesite-examples

    TLDR;If you are a client developer, this is because the linked resource does not have this setting, and there is nothing you can do about it. If you are a server-side developer, check out the github link for examples on how to fix this for your site.

    Edit: If you just want to remove the message, the solution is discussed here: Chrome Console SameSite Cookie Property Warning, you can deprecate the message via chrome://flags Cookie DisableDisable them.

    reply
    0
  • Cancelreply