Search code examples
google-chromecordovasamesite

A cookie associated with a cross-site resource at http://local ip/ was set without the `SameSite` attribute

trying to call localhost URL in Cordova app I got below error

A cookie associated with a cross-site resource at http://local_ip/ was set without the `SameSite` 
attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are 
set with `SameSite=None` and `Secure`. You can review cookies in developer tools under 
Application>Storage>Cookies and see more details at 
https://www.chromestatus.com/feature/5088147346030592 and 
https://www.chromestatus.com/feature/5633521622188032.

And this Error

 Resource interpreted as Document but transferred with MIME type application/vnd.ms-excel: 
"http://local_ip:8083/api/getMailReport? reportType=MU&surId=SUR00002&selectedFromDate=05%2F11%2F2019&selectedToDate=11%2F11%2F2019&lang=E&gener 
ateReport=Generate+Report".

how to overcome this issue

Solution

  • Chrome will be changing its behavior in Chrome 80 to apply two new rules:

    1. Cookies without a SameSite attribute will be treated as SameSite=Lax by default, i.e. they will be first-party or same-site only
    2. Cookies intended for third-party or cross-site use must be marked as SameSite=None; Secure.

    The console warnings are just to inform you that you will need to add the relevant attributes to your cookies depending on what behavior your site needs.

    You can see https://web.dev/samesite-cookies-explained and https://web.dev/samesite-cookie-recipes for more information.