Specifies constants that indicate the value for the SameSite attribute of the cookie.
public enum class SameSiteModepublic enum SameSiteModetype SameSiteMode = Public Enum SameSiteModeThe cookie will be sent with all requests (see remarks).
Lax 1The cookie will be sent with "same-site" requests, and with "cross-site" top level navigation.
Strict 2When the value is Strict the cookie will only be sent along with "same-site" requests.
The behavior of None was modified by updates described in KB article 4531182 and KB article 4524421.
Without these updates, the None value does not emit the SameSite cookie header. This conforms to https://tools.ietf.org/html/draft-west-first-party-cookies-07#section-4.1.
After these updates have been applied, the None value emits the SameSite=None cookie header. This new behavior conforms to https://tools.ietf.org/html/draft-west-cookie-incrementalism-00. As part of this change, FormsAuth and SessionState cookies will be issued with SameSite = Lax instead of the previous default of None, though these values can be overridden in web.config.
On systems where these updates have been applied, you can specify the previous behavior by setting the SameSiteMode to (SameSiteMode)(-1). You can specify this behavior using the string Unspecified in web.config.
Collaborate with us on GitHub
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide. In this articleWas this page helpful?
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4