5

I apologize if I'm repeating this question but I've spent over 6 days on this and I'm losing my mind. I can't seem to get that warning to disappear even though I've meticulously tried and retried to add these in my php index before the and tags. I've tried posts on SameSite warning Chrome 77 to use 

response.setHeader("Set-Cookie", "HttpOnly;Secure;SameSite=Strict");

as well as posts here How to solve `SameSite` attribute to use

header('Set-Cookie: cross-site-cookie=name; SameSite=None; Secure');

as well as the examples on here https://github.com/GoogleChromeLabs/samesite-examples/blob/master/php.md

and I'm still getting the warning even though everything else hasn't changed. Am I missing something or doing something wrong? Sorry, I suppose it shouldn't be a big deal but I'm so ocd over these warning messages and errors that's popping up I wish they would go away! Thx in advance.

-update- sorry the warning that pops up in console in question is this

A cookie associated with a cross-site resource at http://google.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
Fullstack_Developer
  • 85
  • 1
  • 7

1 Answers1

6

The warning is specifically for the cookie coming from "google.com" so you will not be able to affect it. If any of the console warnings refer to domains you control, then you should be following that advice to update your SameSite attributes.

It does mean that you will continue to see these warnings until the affected domains update their cookies, which should be happening over the coming months. The enforcement of this behaviour is not planned until Chrome 80, which will be stable in February. So, no actual site/service functionality should be affected in stable Chrome before then.

rowan_m
  • 2,893
  • 15
  • 18
  • 1
    2021 update. It's probably more complex than that. reCaptcha 3 generates 28 "SameSite" cookie warnings originated from google.com in my Asp.Net Core application but the same reCaptcha works well in WordPress site hosted on the same server with no warnings at all. I also assume that Google implemented their cookies undoubtedly correctly. – Niksr Dec 29 '21 at 09:24