Can't set a cross subdomain cookie in Django

Question

I'm trying to use a subdomain cross site cookie with django but I cannot get it, I am in a valid subdomain but it doesn't seems to be useful.

Thie is my conf:

SESSION_COOKIE_SAMESITE = 'None'
SESSION_COOKIE_DOMAIN = '.ngrok.io'

This is the headers from the browser:

But I get the message:

This set-cookie domain attribute was invalid with regards to the current host url

How can I do to make it work?

You are trying to set a cookie for a different domain than the one of your website. If that is your local environment you could just leave `SESSION_COOKIE_DOMAIN` empty in your local settings. — Vitor Diniz, Jun 13 '21 at 13:06

score 1 · Accepted Answer · edited Oct 07 '21 at 06:15

As says in this answer there is a newer specification for cookies (RFC 6265). The old specification can let you share a cookie sent it from a subdomain "sub.domain.com" or "domain.com" with domain=.domain.com to share between domains and subdomains, but the newer specification can let you share by domain and subdomain only if you sent the cookie from "domain.com" with SameSite=None and domain=domain.com

Can't set a cross subdomain cookie in Django

1 Answers1

Linked