[Bug]: Cookie SameSite "none" not available as an option #1320

dmaksimov · 2023-12-28T23:06:09Z

lucia-auth

The sameSite attribute for cookies allows "lax" and "strict" but is missing "none".

Line 9 in 83960e2

sameSite?: "strict" | "lax";

Is there a reason for this?

I can create a PR to add it but wanted to check first.

The text was updated successfully, but these errors were encountered:

pilcrowOnPaper · 2023-12-28T23:50:40Z

Third party cookies are being deprecated by browsers, so I don’t see a reason to support it

dmaksimov · 2023-12-28T23:52:50Z

Ah gotcha, that makes sense.

Any suggestions on displaying authenticated content inside an iframe on a different domain securely?

pilcrowOnPaper · 2024-01-18T14:35:34Z

Makes sense. Yeah if you could make a PR for it, I can merge it

dmaksimov added the bug Something ain't right... label Dec 28, 2023

rmarscher mentioned this issue Jan 6, 2024

[lucia] Attempt to switch to nextjs app dir timothymiller/t4-app#139

Open

pilcrowOnPaper added feature request New feature requests and removed bug Something ain't right... labels Jan 20, 2024

pilcrowOnPaper mentioned this issue Jan 27, 2024

Allow SameSite=None session cookies #1359

Merged

pilcrowOnPaper closed this as completed in #1359 Jan 27, 2024

pilcrowOnPaper mentioned this issue Apr 24, 2024

Add SameSite=None option #1546

Merged

Provide feedback