Chrome Console SameSite Cookie Attribute Warning
Google ChromeGoogle Chrome-ExtensionGoogle Chrome-DevtoolsGoogle Chrome Problem Overview
Is anybody else getting this Chrome console warning?
> A cookie associated with a cross-site resource at SameSite
attribute. A future release of Chrome will only
> deliver cookies with cross-site requests if they are set with
> SameSite=None
and Secure
. You can review cookies in developer
> tools under Application>Storage>Cookies and see more details at
In Chrome Flags chrome://flags/ I've tried disabling both:
-
SameSite by default cookies
-
Cookies without SameSite must be secure
And the warning won't go away.
Google Chrome Solutions
Solution 1 - Google Chrome
This is something that the third-party cookie setters (like Stripe) need to handle on their end.
I reached out to Stripe because I was getting this message for Stripe payments.
Stripe support response:
It looks like we're already tracking this internally as this warning comes from Stripe.js, not from react-stripe-elements. For now this is a warning and won't affect payments, and we're working on a fix which will eliminate this message and be compatible with Chrome's upcoming cookie-handling changes.
(Me) So, it's all on your end? I don't need to do anything?
No, this is something we have to get worked out on our end.
Oh, if you're a developer at Stripe/Facebook/Pinterest/so-forth, this answer won't work for you ;)
Solution 2 - Google Chrome
Solution 3 - Google Chrome
Chrome version 80 will be available 4th of February. It looks like the console 'SameSite Cookie Attribute' warning is finally solved by Google. You can download Chrome Beta and make your own tests before the launch of the official version 80.
Solution 4 - Google Chrome
I have the same problem with paypal script and since its only them able to set the cookie, they need to fix it so browsers defaulting to this feature will be able to show the content to users properly.
Solution 5 - Google Chrome
This is what was required for me in order to finally fix the problem. Read the warning carefully and enabled/disabled required elements in my google chrome settings
Do not ignore the warning and hide the warning messages!
Consider this as a workaround, Ideally whichever 3rd party app you are trying to load needs to have SameSite=None and Secure
params in their headers set.