Skip to main content
470 questions
Newest Active Bountied Unanswered
0 votes
1 answer
169 views

I am using session ids to enable various features for logged and unlogged users on my website. This include matching the csrf token to the session id. I store the session id as a SameSite=lax cookie. ...
kunnix's user avatar
  • 91
1 vote
1 answer
155 views

I am embedding Apache Superset’s dashboard builder inside my MERN application using an iframe. This setup works perfectly in Firefox, but in Google Chrome the iframe fails to load. Instead, I see ...
GPT 123's user avatar
  • 11
0 votes
0 answers
107 views

We are experiencing a sudden failure in SAML authentication (500 Internal Server Error) in our ASP.NET web application that uses Microsoft Entra ID (SSO). Environment details: ASP.NET app running on ...
Mayur's user avatar
  • 107
0 votes
1 answer
101 views

A website using payment gateway requires Samesite as None to continue session for users returning from payment gateway to website. In other pages of website Samesite should be Lax or strict to ...
user28757434's user avatar
  • 13
0 votes
0 answers
161 views

I've seen many variations of this question here, but as far as I can tell, my setup should be working. I'm working on a Next.js application that's sending a PUT request to our backend, which is ...
Wesley Weisenberger's user avatar
  • 41
0 votes
1 answer
290 views

Suppose on mywebsite.com, I have a cookie with SameSite=Strict, so that it is not allowed to go up via third party requests to mywebsite.com. Suppose also on mywebsite.com I am setting Access-Control-...
TheGreatContini's user avatar
  • 6,689
0 votes
0 answers
63 views

I'm hosting an Angular app on http://app.localhost URL. Where am checking, setting and modifying an authentication related cookie on initial page load, login and logout API calls. Cookie's SameSite ...
Deepanshu Yadav's user avatar
  • 125
1 vote
1 answer
1k views

I'm working on a local development project where I have an Angular frontend running on port 4200 and an Express backend running on port 3000, both served over HTTP. I need to use cookies with SameSite=...
Hamzah Alkhateeb's user avatar
  • 109
0 votes
0 answers
382 views

Title: Cookie not being set in localhost environment with Next.js app I'm trying to test cookies in a localhost environment for a web app built with Next.js. I've sent a cookie from the server with ...
hangooksaram's user avatar
  • 35
2 votes
0 answers
688 views

I'm using the following Flutter package https://pub.dev/packages/g_recaptcha_v3 When running my app on web I see the following warning in the warning in the console _GRECAPTCHA www.google.com/...
anonymous-dev's user avatar
  • 3,591
1 vote
1 answer
450 views

I have a Springboot application with Spring Security 6 and a single page application for frontend (Vue). I configured anti-CSRF using the exact same config as the one described in the documentation. ...
charlycou's user avatar
  • 2,055
0 votes
1 answer
1k views

I have to embed a page with iframe to a different domain page. This iframe is loaded with a jwt token that authenticates the user in domain B. This response, creates a session cookie and reloads the ...
Tobia's user avatar
  • 9,635
0 votes
1 answer
252 views

How to update/set SameSite value from “Strict” to "Lax" in chrome, edge, safari browser? The below answer is outdated How to disable same site policy in Chrome? No option available as ...
Evans's user avatar
  • 1
0 votes
0 answers
210 views

Our policy was set to samesite = strict and most everything was working. However one SSO (openId) login was not playing nicely. User starts at ourdomain.com/login, hits the SSO button and gets ...
Rolf Herbert's user avatar
  • 83
1 vote
0 answers
28 views

I am setting SameSite in Startup.Auth.cs like this: CookiePath = "/; SameSite=Lax", But for Login action, on redirection; the Set-Cookie value is being automatically set by the framework ...
Urja Sehgal's user avatar
  • 11

15 30 50 per page
1
2 3 4 5
32