Changes between Version 1 and Version 2 of Ticket #31218
- Timestamp:
- Jan 30, 2020, 1:55:35 AM (5 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #31218 – Description
v1 v2 1 1 Google is now requesting, starting from Chrome 80 (from February 4th), to add "SameSite=None; Secure" to cookies (https://www.chromium.org/updates/same-site), otherwise it will not be considered as not CSRF-proof anymore by Chrome. 2 2 3 In all Django release branches, response.set_cookie() method is not accepting "samesite" key set to "None" , but it seems it has been done in master branch (https:// www.chromium.org/updates/same-site).3 In all Django release branches, response.set_cookie() method is not accepting "samesite" key set to "None" , but it seems it has been done in master branch (https://github.com/django/django/commit/b33bfc383935cd26e19a2cf71d066ac6edd1425f). 4 4 5 5 Do you know when it will be merged to release branche(s)?