[
https://issues.apache.org/jira/browse/JSPWIKI-1129?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18036543#comment-18036543
]
Alex O'Ree commented on JSPWIKI-1129:
-------------------------------------
we can set this, but then we'll need to include SSL by default with the
embedded tomcat setups and it will require SSL/TLS on all deployments. Not the
end of the world but it may cause some issues for some users
> JSPUserWikiPrefs cookie is missing sameSite and/or secure attribute
> --------------------------------------------------------------------
>
> Key: JSPWIKI-1129
> URL: https://issues.apache.org/jira/browse/JSPWIKI-1129
> Project: JSPWiki
> Issue Type: Improvement
> Components: Templates and UI
> Affects Versions: 2.11.0-M6
> Environment: This can be reproduced on https://jspwiki-wiki.apache.org
> Reporter: Ulf Dittmer
> Assignee: Alex O'Ree
> Priority: Minor
>
> Firefox shows this message in the console: Cookie “JSPWikiUserPrefs” will be
> soon rejected because it has the “sameSite” attribute set to “none” or an
> invalid value, without the “secure” attribute. To know more about the
> “sameSite“ attribute, read
> [https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
