Open drewfreyling opened 4 years ago
Hi,
a bit uglier workaround (but maybe simpler) is to just add "; SameSite=
Yup a class that extends NancyCookie and overrides the ToString
method works better as a workaround.
I just made a PR to add SameSite
property.
Nancy Version: Tested 1.4.5 and 2.0.0
Currently with all the SameSite cookie changes being done in Chrome (and FF and Edge) there is no nice way to set the SameSite options for a
NancyCookie
. See https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1 for more details.Particularly this becomes a higher priority now that Chrome 80 is stable and has breaking changes around SameSite properties.
The only currently workaround I can see for the moment is to add a OWIN middleware and manually change the cookies myself.