Opened 4 years ago
Closed 4 years ago
#32101 closed New feature (wontfix)
Handle SameSite=None Known Incompatible Clients
Reported by: | Dulmandakh | Owned by: | nobody |
---|---|---|---|
Component: | Core (Other) | Version: | 3.1 |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
I recently bumped into issues with SameSite=None cookies, and found that some browsers are incompatible (https://www.chromium.org/updates/same-site/incompatible-clients).
I think that Django should handle this, because handling this is non-trivial. For me, I wrote custom SessionMiddleware to work around the issue.
I would like to work on a fix, if core devs are interested and maybe release in a next bug fix release.
Change History (1)
comment:1 by , 4 years ago
Component: | contrib.sessions → Core (Other) |
---|---|
Resolution: | → wontfix |
Status: | new → closed |
Type: | Bug → New feature |
Note:
See TracTickets
for help on using tickets.
I don't think that Django should include hooks based on user agents for detecting bugs in old browsers. It sounds like a third-party package is the best way to proceed.
You can start a discussion on DevelopersMailingList if you don't agree.