SameSite=off creates cookies without any SameSite attribute at all, which recent versions of Chrome and Firefox treat (or will treat soon) the same as SameSite=Lax. For some use-cases you really want to send Cookies on cross domain request and now have to set SameSite to None.
This trivial PR adds None to the supported values for SameSite.
SameSite=offcreates cookies without anySameSiteattribute at all, which recent versions of Chrome and Firefox treat (or will treat soon) the same asSameSite=Lax. For some use-cases you really want to send Cookies on cross domain request and now have to setSameSitetoNone.This trivial PR adds
Noneto the supported values forSameSite.