04-08-2024, 01:26 AM
You didn't specify the application type (http.sys, Indy, ISAPI, ASPX), anyway, IntraWeb correctly sets the cookie attributes as expected in the specs.
If you have a 3rd party (or cross-site) cookie you must have both
CookieOptions.SameSite = ssoNone
CookieOptions.Secure = True
and you must use HTTPS only. Any HTTP (not HTTPS) connection will give you this warning because a cross site cookie can't be read in an unprotected HTTP connection.
Using ssoLax or ssoStrict on a 3rd party cookie won't work.
All this is described in detail here: https://developers.google.com/search/blo...one-secure
If you have a 3rd party (or cross-site) cookie you must have both
CookieOptions.SameSite = ssoNone
CookieOptions.Secure = True
and you must use HTTPS only. Any HTTP (not HTTPS) connection will give you this warning because a cross site cookie can't be read in an unprotected HTTP connection.
Using ssoLax or ssoStrict on a 3rd party cookie won't work.
All this is described in detail here: https://developers.google.com/search/blo...one-secure