Looking for other third-party SPs that fail with stricter SameSite settings

Robert A Basch rbasch at mit.edu
Fri Feb 7 18:13:21 EST 2020

Thanks for providing this info; our testers have confirmed that they
see the same behavior (their testing has focused on Chrome), and have
added an appropriate asterisk to the results web page.


On 2/7/20, 2:31 PM, "users on behalf of Cantor, Scott" <users-bounces at shibboleth.net on behalf of cantor.2 at osu.edu> wrote:

    Here's the Canvas explanation:
    They claim FF has a bug that is preventing them from setting the cookie with SameSite=None, so that's why it's working in Chrome now but not in FF.
    I don't know exactly what WebExtensions is, but I'm guessing maybe the gist is that setting the cookie via Javascript doesn't work and they must be doing that.
    -- Scott
    For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
    To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net

More information about the users mailing list