Changes between Version 3 and Version 4 of Ticket #31218


Ignore:
Timestamp:
Jan 30, 2020, 1:58:03 AM (5 years ago)
Author:
Adrien Carpentier
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #31218 – Description

    v3 v4  
    1 Google is now requesting, starting from Chrome 80 (from February 4th), to add "SameSite=None; Secure" to cookies (https://www.chromium.org/updates/same-site), otherwise it will not be considered as not CSRF-proof anymore by Chrome.
     1Google is now requesting, starting from Chrome 80 (from February 4th, 2020), to add "SameSite=None; Secure" to cookies (https://www.chromium.org/updates/same-site), otherwise it will not be considered as not CSRF-proof anymore by Chrome.
    22
    33In all Django release branches, response.set_cookie() method is not accepting "samesite" key set to "None" , but it seems it has been done in master branch (https://github.com/django/django/commit/b33bfc383935cd26e19a2cf71d066ac6edd1425f).
Back to Top