Draft: fix: set cookie samesite to None (!24) · Merge requests · cubicweb / cubes / api · GitLab

Arnaud Vergnet requested to merge topic/default/cookie-fix into branch/default Jun 16, 2022

Needed when the cubicweb instance is not on the same server as react admin.

More research is needed to find the most secure fix.

See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite.

Edited Jun 17, 2022 by Arnaud Vergnet