Change SameSite cookie on the fly in Symfony

This issue is related to Chrome update where they forced to set SameSite attribute (https://www.chromium.org/updates/same-site/incompatible-clients)

Following this link, Chrome 51 to 66 will not accept SameSite=None. However, in Symfony settings I have set the following:

framework:
  ...
  session:
    ...
    cookie_samesite: 'none'
    cookie_secure: true

Now, for the Chrome client 51 to 66 I want to change None to Lax, so this has to be changed on the request level I guess. The part how to detect Chrome version I know, but I am not sure how to apply Lax after the device is detected.

I cannot change to Lax by default because website can be iframed.

Any suggestions?

Source: Symfony Questions

Was this helpful?

0 / 0

Leave a Reply 0

Your email address will not be published. Required fields are marked *