Opened 4 years ago

Closed 4 years ago

#32101 closed New feature (wontfix)

Handle SameSite=None Known Incompatible Clients

Reported by: Dulmandakh Owned by: nobody
Component: Core (Other) Version: 3.1
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

I recently bumped into issues with SameSite=None cookies, and found that some browsers are incompatible (https://www.chromium.org/updates/same-site/incompatible-clients).

I think that Django should handle this, because handling this is non-trivial. For me, I wrote custom SessionMiddleware to work around the issue.

I would like to work on a fix, if core devs are interested and maybe release in a next bug fix release.

Change History (1)

comment:1 by Mariusz Felisiak, 4 years ago

Component: contrib.sessionsCore (Other)
Resolution: wontfix
Status: newclosed
Type: BugNew feature

I don't think that Django should include hooks based on user agents for detecting bugs in old browsers. It sounds like a third-party package is the best way to proceed.

You can start a discussion on DevelopersMailingList if you don't agree.

Note: See TracTickets for help on using tickets.
Back to Top