Changes between Initial Version and Version 1 of Ticket #31934
- Timestamp:
- Aug 22, 2020, 11:49:34 PM (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #31934 – Description
initial v1 2 2 3 3 `SESSION_COOKIE_SAMESITE` is documented (in Django 3.1) with the options 'Strict', 'Lax', 'None' and False. However, False means cookies will be sent without `SameSite`, which means some browsers (Chrome, Dolphin) will give it default such as 'Lax', which is different than what used to be in the past. I think this default should be documented in all active versions of Django. Maybe it's also better to add that using False is not recommended. 4 5 Also, document that with Chrome, if you use 'None' the cookie must be secure.