U4-9557 - Look into adding SameSite attribute to backoffice cookies

Created by Sebastiaan Janssen 22 Feb 2017, 09:18:22 Updated by Sebastiaan Janssen 22 Feb 2017, 18:20:40

The title of this post is a bit misleading because browser support is sketchy at the moment, but preparing for future browser support is a good thing:

https://scotthelme.co.uk/csrf-is-dead/

Comments

Priority: Normal

Type: Bug

State: Open

Assignee:

Difficulty: Normal

Category:

Backwards Compatible: True

Fix Submitted:

Affected versions:

Due in version:

Sprint:

Story Points:

Cycle: