SSO login not working in iframe after Chrome update
Root cause:
Certain cookies are set without the SameSite attribute. They must have been blocked, as newer versions of Chrome now deliver cookies with cross-site requests only if they are set with SameSite=None and Secure.
To validate this, you can set the Chrome flag chrome://flags/#same-site-by-default-cookies to Disabled.
Resolution:
- Specify SameSite=None and Secure if the cookie should be sent in cross-site requests. This enables third-party use.
- Specify SameSite=Strict or SameSite=Lax if the cookie should not be sent in cross-site requests.
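
The rule above can be checked against the Set-Cookie headers an SSO endpoint actually returns. This is an added example, not part of the original post; the cookie names and values are constructed sample data and the function names are hypothetical.

```python
# Classify Set-Cookie headers by whether Chrome will send the cookie on
# cross-site requests (for example an SSO page loaded inside an iframe).

def parse_set_cookie(header):
    """Split a Set-Cookie header value into (cookie name, attribute dict)."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, value = part.partition("=")
        attrs[key.strip().lower()] = value.strip()  # attribute names are case-insensitive
    return name, attrs


def cross_site_verdict(header):
    """Return (name, sent_cross_site, reason) for one Set-Cookie header."""
    name, attrs = parse_set_cookie(header)
    samesite = attrs.get("samesite", "").lower()
    if samesite == "none":
        if "secure" in attrs:
            return name, True, "SameSite=None with Secure"
        return name, False, "SameSite=None without Secure"
    if samesite in ("lax", "strict"):
        return name, False, "SameSite=%s" % samesite.capitalize()
    return name, False, "missing or unrecognized SameSite"


def audit(headers):
    """Classify every header in a list of Set-Cookie values."""
    return [cross_site_verdict(h) for h in headers]


# Constructed sample headers, as they might appear in captured responses.
SAMPLE_HEADERS = [
    "SSOSESSION=abc123; Path=/; HttpOnly",
    "SSOSESSION=abc123; Path=/; HttpOnly; Secure; SameSite=None",
    "SSOSESSION=abc123; Path=/; SameSite=None",
    "CSRF=xyz; Path=/; Secure; SameSite=Strict",
    "PREFS=dark; Path=/; samesite=lax",
]

if __name__ == "__main__":
    for name, sent, reason in audit(SAMPLE_HEADERS):
        print("%-11s %-8s %s" % (name, "sent" if sent else "blocked", reason))
```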