search

usefathom / fathom

Fathom Lite. Simple, privacy-focused website analytics. Built with Golang & Preact.
https://usefathom.com/
MIT License
7.55k stars 368 forks source link

add SameSite and Secure attribute to cookie #314

Closed ThaneshR closed 2 years ago

ThaneshR commented 4 years ago

I noticed the following warning message in devtools after self-hosting fathom-lite:

A cookie associated with a cross-site resource at [my-url] was set without the SameSite attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with SameSite=None and Secure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.

Here's an in-depth article explaining the purpose of the SameSite attribute: https://blog.heroku.com/chrome-changes-samesite-cookie.

I referred to this github example to add the SameSite and Secure attribute.

wgroeneveld commented 4 years ago

Great. I'd love to get this included.

JackEllis commented 4 years ago

Agreed, we should do this!