Hello,
When checking my Piwigo site with Firefox > Inspect Element > Console recently I got following warning:
Cookie “pwg_id” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To know more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/ … e/SameSite
As of PHP version 7.3 it is said to be possible to use following PHP function specifying SameSite:
setcookie('name', 'value', ['samesite' => 'Strict']);
With my earlier PHP version 7.1 I could not find a working syntax, but it is possible to edit cookies inside of your web server as well. This is especially useful when you’re dealing with a language or framework that makes it hard for you to properly or easily set SameSite.
For Apache, you should be able to add the following to your VHOST configuration to enable SameSite support:
<ifmodule mod_headers.c> Header always edit Set-Cookie (.*) "$1; SameSite=strict" </ifmodule>
Offline