Chrome 80 changes to SameSite default setting and it's effect on Red Hat Single Sign-On
Issue
-
We have JavaScript application authenticating through RH-SSO and got below warning :
A cookie associated with a cross-site resource at https://example.com was set without the 'SameSite' attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
Environment
- Red Hat Single Sign-On (RH-SSO)
- 7.3
- Chrome
- 80
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.