search

xkjyeah / vue-google-maps

Google maps component for vue with 2-way data binding
https://xkjyeah.github.io/vue-google-maps/
1.88k stars 475 forks source link

SameSite warning Chrome 77 #686

Open valeriosillari opened 4 years ago

valeriosillari commented 4 years ago

From Chrome 77 a warning appeared on any chrome browser.

A cookie associated with a resource at http://gstatic.com/ was set withSameSite=Nonebut withoutSecure. A future release of Chrome will only deliver cookies markedSameSite=Noneif they are also markedSecure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5633521622188032.

I guess it's related to "SameSite". I'm not familiar with it I have to admit, but from this thread seems related to some new standard to use in the future https://stackoverflow.com/questions/58270663/samesite-warning-chrome-77

Just wondering if I'm correct and if it could be fixed?

mandaputtra commented 4 years ago

You could bypass this by using on your server.

response.setHeader("Set-Cookie", "HttpOnly;Secure;SameSite=Strict");

this are not a lib fault. Some example on express server.

app.use((req, res, next) => {
  res.set({
   "Set-Cookie", "HttpOnly;Secure;SameSite=Strict"
  });
  next()
})

or on your Nginx server proxy.

valeriosillari commented 4 years ago

Ok good. I will try.

But right now I get the same issue also with a Nuxt application where I use the plugin and I generate static code, and I guess there is no server (Express) involved.