Y
Hacker News
new
|
ask
|
show
|
jobs
by
Buge
2364 days ago
Why None instead of Lax? The uses cases you mentioned for the None cookie seem like they would still work with a Lax cookie.
1 comments
jacobparker
2363 days ago
Ah, good point. So it depends on your site. Some sites need to do things like serve embeddable content or be an OAuth identity provider, etc., and SameSite=None is required in those cases. Sorry for not being more clear about that.
link