#31790: HttpResponse.delete_cookie() should preserve cookie's samesite. -------------------------------------+------------------------------------- Reporter: Gilbreaa | Owner: felixxm Type: Bug | Status: closed Component: HTTP handling | Version: 3.1 Severity: Release blocker | Resolution: fixed Keywords: | Triage Stage: Ready for | checkin Has patch: 1 | Needs documentation: 0 Needs tests: 0 | Patch needs improvement: 0 Easy pickings: 0 | UI/UX: 0 -------------------------------------+------------------------------------- Changes (by GitHub <noreply@…>):
* status: assigned => closed * resolution: => fixed Comment: In [changeset:"240cbb63bf9965c63d7a3cc9032f91410f414d46" 240cbb6]: {{{ #!CommitTicketReference repository="" revision="240cbb63bf9965c63d7a3cc9032f91410f414d46" Fixed #31790 -- Fixed setting SameSite and Secure cookies flags in HttpResponse.delete_cookie(). Cookies with the "SameSite" flag set to None and without the "secure" flag will be soon rejected by latest browser versions. This affects sessions and messages cookies. }}} -- Ticket URL: <https://code.djangoproject.com/ticket/31790#comment:6> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-updates/066.497d56bcb0493f5783b3a5f583240f3e%40djangoproject.com.