Open Closed

A cookie associated with a cross-site resourcwas set without the `SameSite` attribute #9273

bluescopesteel created


I see that your code sets cookies as follows:


How are we meant to set the SameSite attribute for these coookies.


private static setEncryptedTokenCookie(encryptedToken: string) {
    new UtilsService().setCookieValue(AppConsts.authorization.encrptedAuthTokenName,
        new Date(new Date().getTime() + 365 * 86400000), //1 year

This appears an important issue - yet I have seen no advisiory from you on it. Is our Website going to stop working soon?

What do I need to do to get the ABP SetCookieValue() code to comply?

I have seen other posts in your forums on this BUT in them I have not seen clear advice from you.

1 Answer(s)
  • 0
    musa.demir created
    Support Team

    Hi @bluescopesteel I have created an issue about it. You can follow the progress in here: