How to set a set cookie in the management screen?

dan.woda · December 20, 2021, 2:52pm

It’s not possible to manually set it. The team had this to say:

We explicitly set it to none when saving cookies, at least for HTTPS. If no HTTPS, we use the browser default by not specifying a value at all.https://github.com/auth0/auth0-spa-js/blob/0c6166c0f1dd7c8405b7231d0074c1eb0d8a164f/src/storage.ts#L36

If they’re testing on localhost , it could be (I’m assuming Chrome) defaulting to lax if the SameSite attribute is not specified. See this Chrome feature which started rolling out from July 2020. So it could be Chrome just reporting that default.

When SameSite was implemented in this SDK, we decided at the time to specify none when running on HTTPS, and not specify anything at all (inherit browser defaults) when not running on HTTPS.

Hope that helps.

Topic		Replies	Views
SameSite attribute still not set in cookies after Authorization Extension update Get Help authorization	3	5703	March 10, 2020
Compat Cookie Attributes Knowledge Articles cookies , samesite-cookies	1	1865	November 11, 2022
Samesite cookie flag required changes Get Help cookie , auth0-spa-js , samesite	8	8661	August 12, 2020
A cookie associated with a cross-site resource at http://auth0.com/ was set without the `SameSite` attribute Get Help	21	13240	October 2, 2020
Need to make code changes to .NET apps to support Chrome SameSite cookie changes? Get Help	2	4447	February 28, 2020

How to set a set cookie in the management screen?

Related topics