Actually I want to set jsessionid with SameSite, but I don't now how to do
that.
On Mon, Dec 16, 2019 at 2:53 PM Sven Meier wrote:
> Hi,
>
> the Servlet spec doesn't support the "sameSite" attribute yet. You can
> explicitly set a cookie header instead.
> Or instruct Tomcat to add the
I solve it with add header.conf on apache httpd server
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure;SameSite=None
On Mon, Dec 16, 2019 at 2:53 PM Sven Meier wrote:
> Hi,
>
> the Servlet spec doesn't support the "sameSite" attribute yet. You can
> explicitly set a cookie header instead.
>
Hi,
the Servlet spec doesn't support the "sameSite" attribute yet. You can
explicitly set a cookie header instead.
Or instruct Tomcat to add the attribute for you:
https://stackoverflow.com/questions/57505939/how-to-set-samesite-cookie-in-tomcats-cookie-processor
Have fun
Sven
Am 16.
Dear all
Recently, I found chrome's developer console shows alert about
cookie SameSite...
A cookie associated with a cross-site resource at https://xxx../
was set without the `SameSite` attribute. A future release of Chrome will
only deliver cookies with cross-site requests if they