SESSION_COOKIES_SAMESITE has to be 'strict' or 'lax' #19
Comments
|
@Fuih Hey, |
|
Is a fix for this on the way? |
|
Yup, it will be released today.
…On Thu, 19 Mar 2020 at 06:33, Estian Rosslee ***@***.***> wrote:
Is a fix for this on the way?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#19 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACDAYTBXXKEWJVTL6PP72HTRIGVELANCNFSM4LODSQVQ>
.
--
Kind regards
Jarek "jotes" Śmiejczak, a python programmer by day, a mozillian by heart...
Homepage: http://jotes.work, Github: http://github.com/jotes
Mobile: +48693027040, Mozillian: http://mozillians.org/u/jotes
|
|
@Fuih Hey, and tell me if that fixed your problem? |
|
@jotes |
|
@Fuih Don't worry :-) I'm going to close this issue then, because the workaround seems to work. |
Description
Chrome now explicitly want us to set the SameSite = "None" to use cross domain cookies.
Django version 2.2.7 does not allow for SESSION_COOKIES_SAMESITE = "None".
What I Did
Install django-cookies-samesite with: pip install django-cookies-samesite
Add this on top of MIDDLEWARE: 'django_cookies_samesite.middleware.CookiesSameSite'
Set SESSION_COOKIES_SAMESITE = "None" in settings.py
Deploy the app with Docker
Result
Encountered this error when access to the webapp:
ValueError: samesite must be "lax" or "strict".
The text was updated successfully, but these errors were encountered: