Possible misconfiguration on cookies? Firefox complains about cookie with SameSite=None and Secure=true #5825
-
|
Taking a look at Firefox's development tools while browsing Hosted Weblate's translation editor, I read on the Console tab the follow message:
I also notice, in the Storage tab of development tools, that there is cookie named "django_language" with value "pt-br" set with
As far as I can tell, this is not affecting functionalities at the moment. But I faced issues with other websites related to SameSite setting and resources blocked. Is this something that should be solved on Weblate's side? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
|
Weird, that cookie does not specify SameSite and that should mean SameSite=Lax (see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite). The same is stated in the js library we use here: https://github.com/js-cookie/js-cookie#samesite I will set it there just to be on the safe site - 52d4de3. The language cookie params should be fixed by 1533a03 |
Beta Was this translation helpful? Give feedback.
-
|
@nijel Should I be seeing SameSite=Lax already in Hosted Weblate? Just asking because I still see it SameSite=None. |
Beta Was this translation helpful? Give feedback.
-
|
It should be there, it's just some cookies not being updated frequently... |
Beta Was this translation helpful? Give feedback.
-
|
Oh, right. Ctrl+F5 was not enough, I had to clean up the cookies. I see it SameSite=Lax, thanks! |
Beta Was this translation helpful? Give feedback.
Weird, that cookie does not specify SameSite and that should mean SameSite=Lax (see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite). The same is stated in the js library we use here: https://github.com/js-cookie/js-cookie#samesite
I will set it there just to be on the safe site - 52d4de3.
The language cookie params should be fixed by 1533a03