Hi, we have the following setup: Apache/httpd->mod_jk_>Apache/Tomcat. "httpd" and "mod_jk" are recent versions, Tomcat is 9.0.12 and cannot be upgraded. We also have only very limited influence on the application hosted there.
Problem is that the Cookies sent by the application do not have the "SameSite" attribute set. So far not a big deal, but with newer browsers we get POST failures because instead of assuming a value of "None" for the unset attribute they now assume/set "Lax". Ideally the application could be changed to do "the right thing", or we could tell the Tomcat CookieProcessor to set the attribute to "None". Unfortunately not possible. See above. Now my question is, is there a trick to do that with "httpd" or a module? Check whether the attribute is set, if not add it to the cookie? Thanks in advance Martin -- ------------------------------------------------------ Martin Knoblauch email: k n o b i AT knobisoft DOT de www: http://www.knobisoft.de