google-chromeiframesingle-sign-on
SSO login not working in iframe after chrome update
I have an app that lists different in-house and third party apps. There are some apps that are opened in iframe within my app and some of them are SSO enabled. Recently after chrome update to version 84.0.4147.125 the SSO login stopped working for apps in iframe, its working fine when opened in a new browser window.
This behavior isn't occurring in any other browser except Chrome, can any one assist me with this?
Solution
Root cause:
Certain cookies are set without the SameSite attribute.
They must be been blocked, as newer version of Chrome now only delivers cookies with cross-site requests if they are set with SameSite=None and Secure
To validate this, you can set Chrome flag chrome://flags/#same-site-by-default-cookies as Disabled
Resolution:
- Specify
SameSite=NoneandSecureif the cookie should be sent in cross-site requests. This enables third-party use. - Specify
SameSite=StrictorSameSite=Laxif the cookie should not be sent in cross-site requests
- Which ChromeDriver version is compatible with which Chrome Browser version?
- Copy an object from the webkit inspector as code
- Remote Debugging for Chrome iOS (and Safari)
- Unable to inspect Android device via Chrome://inspect
- how to programmatically identify latest version of chrome
- What does the argument --virtual-time-budget of Chrome CLI really mean?
- How to get the value of a Google Chrome flag using Javascript
- 100vh height when address bar is shown - Chrome Mobile
- Taking full page screenshot with a Chrome extension
- Image not loading on local site I made
- SSL Localhost Privacy error
- Video auto play is not working in Safari and Chrome desktop browser
- Is there a way to set the Google Chrome's developer tools window to always be on top?
- Origin <origin> is not allowed by Access-Control-Allow-Origin
- Chrome push notification - How to open an URL address after clicking?
- How can I make sure AuthName works in all browsers?
- How can I change the window title of an opened youtube video to include the channel name?
- Why is my localhost self-signed SSL certificate suddenly invalid in Chrome?
- chrome extension - Service worker registration failed - manifest V3
- After Loading Page in Inspect Mode ,Shows No Internet Error.How to resolve this issue?
- Responsive media query not working in Google Chrome
- How to run a web application in Android mobile Chrome browser
- How to permanently exclude localhost from HSTS list in Google Chrome
- How to force JavaScript to deep copy a string?
- How is the missing path attribute of a cookie computed or handled in a Single Page Application?
- How to tell why a cookie is not being sent?
- request.getParameter returning null values in chrome
- How to get rid of "Choose your search engine" dialog in Chrome v.127 on Selenium test run?
- Is there a way to resize a web browser's window so that their dimesions are a specific width and height?
- New version of Chrome broke chrome-php/chrome