Be careful if you have headers setting cookie params | WordPress.org

Resolved spottedpaint
(@spottedpaint)

4 years ago

I found that the thing that was stopping the plugin version 1.1.1 working was a http header I had set for security

Header always edit Set-Cookie ^(.*)$ “$1; HTTPOnly; Secure; SameSite=Strict

Perhaps that is a header others wouldn’t set.

Hopefully this will be helpful to someone else if they have the same issue. I don’t know if that is in the documentation.

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Support Christian
(@christian1983)

4 years ago

Hey @spottedpaint

I think you are talking about 2.1.1 or last version 2.1.2 right?

let us know.

Best,
Christian

Thread Starter spottedpaint
(@spottedpaint)

4 years ago

Yes 2.1.1 pity I can’t change it in the original comment.

Plugin Support Diego B
(@diegobarle)

4 years ago

Hi @spottedpaint
Hope you’re doing fine.

Yes that edit on the set cookie headers would make all the gateways that work with redirect unavailable. No need to have it on our documentation.
Thank you for your collaboration, your comment can help anyone else that faces a similar issue.

There is documentation that could clarify:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite

Best,
Diego

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Be careful if you have headers setting cookie params’ is closed to new replies.

3 replies
3 participants
Last reply from: Diego B
Last activity: 4 years ago
Status: resolved