HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Embeded comments, Samesite cookie issue

Hi so i embeded the universal comments on another site, i did everything correct and could not get the signed in user to show that the user was signed in and can comment, so i disabled the Same site settings in the chrome flags and it started working, problem is the cookies that identify the logged in user is there but the samesite column when insepecting the cookie is blank therefor browser now mark them as Samesite=LAX which will prevent an iframe from reading that cookie and allow vanilla from showing that the user is logged in

i need a way to either modify the core and add that cookie perameter so that it sets the Samesite = none


reference

https://www.chromium.org/updates/same-site

Tagged:

Comments

Sign In or Register to comment.