We have a page that loads third-party page. for some users we are facing such a problem "To view this site, enable cookies in your browser." that people should go and disable chrome://flags/#same-site-by-default-cookies. Is there anyway that we set SameSite value the way that we can fix this issue and not asking users to do any action manually?
Asked
Active
Viewed 254 times
1 Answers
0
It sounds like the third-party service needs to update their cookies to use SameSite=None; Secure where they need those cookies in a cross-site context. Contact the service or check their support channels to see if they are already providing an update. If you want to share who the third-party is, I'm also happy to get in touch with them.
rowan_m
- 2,893
- 15
- 18
-
Thanks for the response Rowan, should I ask them to put none for samesite or like [here](https://stackoverflow.com/questions/58270663/samesite-warning-chrome-77) said Strict – Sia Apr 02 '20 at 10:43
-
They should review their cookies and try to set an appropriate `SameSite` value for all of them. For any cookies that are required in a third-party context (e.g. if you embed their content in an `iframe` or you use a pixel from them that expects cookies) then those need to have `SameSite=None; Secure`. For cookies that are just for their own site, like maybe they have an admin interface you sign-in to, then `SameSite=Lax` is a good default for them. – rowan_m Apr 02 '20 at 11:33
-
we are loading their content to an iframe so I need to ask them to set SameSite=None; Secure then. – Sia Apr 02 '20 at 11:40