Can anyone quickly give me info on how to set the "samesite" cookie. What I
need to know is the
exact format.
Background: for a number of years we have been able to connect to our credit
card acquirer with
this cookie set in the first line of the PHP code.
:
setcookie("samesite","strict",0,"/","coaxpublications.ca",true);
We don't actually use cookies for anything but this is, I think, needed to pick
up the configuration
headers. Only one I know of is this in the httpd.conf file:
Header always set Strict-Transport-Security
"max-age=63072000;includeSubDomains
For the last two weeks we haven't been able to take any orders and after a lot
of Googling I still
don't know exactly what is wrong with this format. Firefox gives the following
error:
"
Cookie “samesite” does not have a proper “SameSite” attribute value. Soon,
cookies without the
“SameSite” attribute or with an invalid value will be treated as “Lax”. This
means that the cookie
will no longer be sent in third-party contexts. If your application depends on
this cookie being
available in such contexts, please add the “SameSite=None“ attribute to it. To
know more about the
“SameSite“ attribute, read
https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
"
Trouble is, to me the explanation is a clear as mud.
Sorry folks, I know I'm asking on the wrong help list but I figure that most
people here will know
the answer immediately.
Thanks in advance.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
