Cookies - Add support for SameSite attribute
See original GitHub issueSince .Net Framework 4.7.2 adds support for the SameSite attribute OWIN should support it too.
I believe implementing it in the Microsoft.Owin.ResponseCookieCollection
and CookieManager
should be straightforward. But don’t know whether it’s possible to set it in the SystemWebCookieManager
, without compiling to .Net 4.7.2.
Issue Analytics
- State:
- Created 5 years ago
- Reactions:6
- Comments:7 (3 by maintainers)
Top Results From Across the Web
SameSite cookie attribute - Teams
You can opt out of adding the SameSite cookie attribute to the SetCookie header or add it with one of two settings, Lax...
Read more >SameSite Cookie Attribute Changes
You can add SameSite cookie attributes in the set-cookie HTTP response header to restricts browser behavior. It may prevent the browser from sending...
Read more >SameSite cookies explained - web.dev
Introducing the SameSite attribute on a cookie provides three different ways to control this behaviour. You can choose to not specify the ...
Read more >'SameSite' cookie attribute | Can I use... Support tables for ...
'SameSite' cookie attribute ... Same-site cookies ("First-Party-Only" or "First-Party") allow servers to mitigate the risk of CSRF and information leakage attacks ...
Read more >Set-Cookie - HTTP - MDN Web Docs
Means that the browser sends the cookie only for same-site requests, that is, requests originating from the same site that set the cookie....
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
A new option was added for 4.1.0: https://github.com/aspnet/AspNetKatana/pull/308/files#diff-5df72023cbd21f64c7f53a8cb8de98deR72
Good question. Didn’t find how I can do it in code. Any suggestions? I am using Owin CookieAuthenticationExtensions.