1

I am trying to create a cookie in Drupal 8.9 with SameSite=none with secure attribute, using the Symfony\Component\HttpFoundation\Cookie class but I am unable to do so as the class doesn't allow the secure attribute along with none.

Also, I tried setting the Cookie's secure parameter to TRUE but it results in infinite redirects in my site. I don't want to implement the solution on site level as it will affect other cookies capabilities. I just want to do this for one particular cookie I am creating.

$cookie = new Cookie(self::SIGMACOOKIENAME, TRUE, 0, '/', NULL, TRUE, FALSE, TRUE, self::SAMESITE_NONE);
Improve this question

1 Answer 1

Reset to default
1

If you're setting SameSite=None, you'll need to set the Secure attribute for HTTPS.

If SameSite=None is set, the cookie Secure attribute must also be set (or the cookie will be blocked). https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite#none

Improve this answer
2
  • Yes, if I set the Secure attribute then my site results in infinite redirects. Commented Dec 24, 2021 at 4:58
  • That’s the issue then, you’ll need to fix your site to work with HTTPS. For example, with letsencrypt. Commented Dec 24, 2021 at 5:25

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.