2

I have a custom endpoint which stores a value in a session cookie, using this code:

$session = $this->request->getCurrentRequest()->getSession(); $session->set('test.email', $data['email']);

I'm calling this endpoint from a decoupled frontend.

This works fine in Firefox, but in Chrome it looks like the session cookie is being blocked because SameSite is set to Lax. How would I set SameSite to be None? Ideally I only want to do that for this cookie, not all cookies.

Improve this question
6
  • I don't think you can do so because the Session service has only one configuration for samesite. Have you considered setting a specific cookie rather than using the session cookie? Also, FWIW, Chrome assumes "Lax" if samesite is unset. Commented Jan 25, 2023 at 16:50
  • Thanks, I'll look at switching to a custom cookie, I guess I'll need to store the data in user data with an expiry instead of session storage Commented Jan 25, 2023 at 17:46
  • Actually I can't use user data, this is an anonymous session Commented Jan 25, 2023 at 17:51
  • Local storage and cookies are different things. Commented Jan 25, 2023 at 18:46
  • Oh, I misunderstood what you wrote. Any cookie can have an expiry, which should work. Commented Jan 25, 2023 at 18:47

1 Answer 1

Reset to default
3

You can change the session cookie settings in services.yml. See How do I set the cookie lifetime?

This is not only possible for the default parameters defined by Drupal but for any parameter listed in the PHP docs:

https://www.php.net/session.configuration

So you can add SameSite=None to the session storage options:

sites/default/services.yml

parameters: session.storage.options: gc_probability: 1 gc_divisor: 100 gc_maxlifetime: 200000 cookie_lifetime: 2000000 sid_length: 48 sid_bits_per_character: 6 cookie_samesite: none

These options only apply to the session cookie, not to any cookie set by your site. To change the options dynamically see How do I dynamically change cookie_lifetime?

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.