-1

Recently my Google chrome got update which is causing issue in my application . My application is using springboot-1.5 in backend and angular 4 in frontend ans also I am using Google Chrome version - 80.0.3987.132 (Official Build) (64-bit) OS version - Windows 10 OS Version 1809 (Build 17763.1098)

the issue is my rest API calls are failing. As i did some investigation and found that 'sameSite' parameter is newly added in cookies if it is enable then create issue. For the fix, i set sameSite=none for JSESSIONID in response

 response.setHeader("Set-Cookie", "JSESSIONID="+cookie.get().getValue()+"; HttpOnly; SameSite=none");

and i also tried to update header like below 

 response.setHeader(HttpHeaders.SET_COOKIE, String.format("%s; %s ; %s", header,"Secure", "SameSite=none"));

This fix is working in some machine but not in all the machine. all the machines are having updated chrome ( version 80) Please suggest me what actually i should do to fix this issue

jose praveen
  • 1,298
  • 2
  • 10
  • 17
Akash Vijay
  • 1
  • 1
  • I have recently faced similar kind of issue. My application didn't worked in chrome and it was running in secure protocol (https). When i change the certificate which i used for securing my application from the format of .cer to .pfx, it worked. Just check on this and let me know. – Kalimula F Mar 18 '20 at 12:37
  • Does this answer your question? [SameSite warning Chrome 77](https://stackoverflow.com/questions/58270663/samesite-warning-chrome-77) – DaveyDaveDave Mar 18 '20 at 15:32

1 Answers1

0

I resolved the issue. The problem was, im my case some of requests are authenticate but some of them are not. for that i am using multiple security filters and in one of filterer response's cookie was reset as default.

Akash Vijay
  • 1
  • 1