To test this bug: Locally test this for 'http' mode. 1. Before applying the fix, open the developer console in the browser to see the 'SameSite' warning. This will appear on any page in Mahara. 2. After applying the patch, the console warning goes away.
Warning: Cookie “mahara” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the “secure” attribute. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite ** Changed in: mahara Assignee: (unassigned) => Robert Lyon (robertl-9) ** Changed in: mahara Status: Confirmed => In Progress -- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: mahara-contributors https://bugs.launchpad.net/bugs/1943525 Title: Cookie “mahara” will be soon rejected because it has the “SameSite” attribute set to “None” Status in Mahara: In Progress Bug description: Currently in Firefox on the console log it is warning about: Cookie “mahara” will be soon rejected because it has the “SameSite” attribute set to “None” This exists when viewing the site in http:// mode It doesn't seem to be an issue in https:// mode as the cookie can have the secure option there This can be fixed up by adding the SameSite cookie attribute to the session cookie / ctest cookie To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1943525/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : [email protected] Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
