id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
31145	"Session cookie has always the ""SameSite=Lax"" header."	jET	nobody	"When I use requests test loginView, return 302 and response header set-cookie , in sessionid line, there are always have a ""SameSite=Lax,"" before sessionid string.  This causes client cookies parser problem。


{{{
{set-cookie: csrftoken=dsEtx2CP6rX5bhIbRmkTOv5LmciytID5t6ShQbgNMTALTnhCoXdxWQ1TcAzxQoDO; expires=Wed, 06 Jan 2021 17:01:00 GMT; Max-Age=31449600; Path=/; SameSite=Lax,sessionid=2rtrkbnhc8m30iqs7sw4em014hr6a3ss; expires=Wed, 22 Jan 2020 17:01:00 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax, location: /, cache-control: max-age=0, no-cache, no-store, must-revalidate, private, date: Wed, 08 Jan 2020 17:01:00 GMT, vary: Cookie, content-length: 0, x-frame-options: DENY, content-type: text/html; charset=utf-8, x-content-type-options: nosniff, server: WSGIServer/0.2 CPython/3.7.6, expires: Wed, 08 Jan 2020 17:01:00 GMT}
}}}
"	Uncategorized	closed	contrib.sessions	3.0	Normal	invalid	SameSite		Unreviewed	0	0	0	0	0	0