On Sat, Aug 22, 2020 at 9:34 PM Adam Johnson <[email protected]> wrote: > Hi Uri > > You implied it, but to make it explicit - Django 3.1 allows setting the > value "None" (string) for samesite cookies: > https://docs.djangoproject.com/en/dev/releases/3.1/#django-contrib-sessions > . Essentially you're asking for a backport of this feature. >
Yes. But this may also affect other settings such as *CSRF_COOKIE_SAMESITE*. You can also see this answer <https://stackoverflow.com/a/63539373/1412564> on Stack Overflow. > > I think a backport is probably reasonable if sites are broken. You didn't > write in your ticket in what way SameSite=Lax breaks your sites - can you > explain the use cases you need SameSite=None for? > It is explained on Stack Overflow: https://stackoverflow.com/questions/63538073/set-cookie-is-not-working-in-chrome-and-dolphin-with-two-websites https://stackoverflow.com/questions/59298548/set-cookie-is-not-working-in-chrome-with-two-websites אורי. -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CABD5YeFN5wWwNcjszTxKFCTstXB1aSE8cM0UWeMTvP%3Dvt99sjg%40mail.gmail.com.
