Changes between Initial Version and Version 1 of Ticket #31934


Ignore:
Timestamp:
08/23/20 04:49:34 (2 years ago)
Author:
אורי
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #31934 – Description

    initial v1  
    22
    33`SESSION_COOKIE_SAMESITE` is documented (in Django 3.1) with the options 'Strict', 'Lax', 'None' and False. However, False means cookies will be sent without `SameSite`, which means some browsers (Chrome, Dolphin) will give it default such as 'Lax', which is different than what used to be in the past. I think this default should be documented in all active versions of Django. Maybe it's also better to add that using False is not recommended.
     4
     5Also, document that with Chrome, if you use 'None' the cookie must be secure.
Back to Top