id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
31933	Regression in Set-Cookie which affects Django users	אורי	nobody	"It seems that there is a regression in `Set-Cookie` in browsers such as Chrome and Dolphin, which affects Django users. `SESSION_COOKIE_SAMESITE = None` does not work any more with those browsers. This affects all versions of Django, and especially where it's not possible to explicitly set cookies to `SameSite=None` (Django <= 3.0).

You can read about it in the following links:

- [https://www.chromestatus.com/feature/5088147346030592 Cookies default to SameSite=Lax]
- [https://www.chromestatus.com/feature/5633521622188032 Reject insecure SameSite=None cookies]

You can see more information in the [https://stackoverflow.com/q/63538073/1412564 question] I just asked on Stack Overflow.

I think it should be made possible to explicitly set cookies to `SameSite=None`, also in settings such as `SESSION_COOKIE_SAMESITE`, and backport it to all working versions of Django."	Bug	closed	HTTP handling	dev	Normal	wontfix			Unreviewed	0	0	0	0	0	0