|
|
|
|
|
|
by lioeters
2427 days ago
|
|
|
Thank you for breaking it down and the reference link. I have a couple of setups where an application has a single sign-on for root and subdomains. The shared cookie has the Domain attribute set to the root domain, but (so far) they have no explicit SameSite attribute. I searched around and came to the conclusion that the above setup will behave the same way with new default SameSite=Lax. However, there wasn't a canonical reference that I could point to, to prove this works as I expect. |
|
|