[Seaside-dev] Cookie tracking and SameSite setting
Esteban Maringolo
emaringolo at gmail.com
Fri Dec 4 23:17:59 UTC 2020
Hi Max,
I'll create the issue, at least as a reminder.
Regards!
Esteban A. Maringolo
On Tue, Dec 1, 2020 at 5:18 PM Max Leske <maxleske at gmail.com> wrote:
>
> Hi Esteben,
>
> Interesting case. I guess we didn't think about that. Usually you wouldn't want to share the tracking cookie with another domain but that might be a valid case
>
> This should probably be solved by updating the configurations (which can be tough), so if you feel up to it we'd appreciate a PR with such a change.
>
>
> Cheers,
> Max
>
> On 28 Nov 2020, at 19:25, Esteban Maringolo wrote:
>
> > Hi all,
> >
> > I have an application that has a Cookie based tracking strategy, but
> > given that the SameSite setting is hardcoded to be 'Strict' it forbids
> > (and actually breaks) the behavior of my Seaside app when it is
> > embedded into an <iframe> in a third party domain.
> >
> > Should this SameSite setting be configurable somehow?
> >
> > The only way I found to do this was by subclassing the tracking strategy class.
> >
> > Regards,
> >
> > Esteban A. Maringolo
> > _______________________________________________
> > seaside-dev mailing list
> > seaside-dev at lists.squeakfoundation.org
> > http://lists.squeakfoundation.org/mailman/listinfo/seaside-dev
> _______________________________________________
> seaside-dev mailing list
> seaside-dev at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/mailman/listinfo/seaside-dev
More information about the seaside-dev
mailing list