[ https://issues.apache.org/jira/browse/SHIRO-793?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Demers resolved SHIRO-793. -------------------------------- Resolution: Resolved > deleteMe cookie should use the defined "sameSite" > ------------------------------------------------- > > Key: SHIRO-793 > URL: https://issues.apache.org/jira/browse/SHIRO-793 > Project: Shiro > Issue Type: Task > Reporter: Brian Demers > Priority: Major > Fix For: 2.0.0, 1.7.0 > > Time Spent: 20m > Remaining Estimate: 0h > > With Chrome increasing security of cookies not defining any SameSite options, > the deleteMe cookie may be blocked by Chrome under some circumstances. > For example, when an app is used within a cross-site iframe, one must defined > the option SameSite=None option. This works for the main cookie, but the > deleteMe is currently blocked. This commit fixes this. > > https://github.com/apache/shiro/pull/257 -- This message was sent by Atlassian Jira (v8.3.4#803005)