Cookies
Cookies settings allow you to change certain attributes of cookies issued by Aurora. The purpose of this article is to describe these settings.
Cookies
Cookies settings can be found by navigating to Store > Settings > Security > Cookies
Changes made to these settings will affect all cookies set by Aurora and will take effect when cookies are next issued.
Please ensure relevant functionality is tested before changing these settings on production.
SameSite Attribute
SameSite AttributeThe SameSite attribute controls whether a cookie is sent with cross-site requests.
This attribute helps to prevent leakage of information, preserving user privacy and providing some protection against cross-site request forgery attacks
This attribute can be set to one of the following values:
| Value | Summary |
|---|---|
| Strict | Cookies are sent only for requests originating from the same site that set the cookie. |
| Lax | Cookies are sent only for requests originating from the same site that set the cookie, and for cross-site requests where the request is a top-level navigation and the request uses a safe method (in particular, this excludes POST, PUT, and DELETE.) |
| None | Cookies are sent with both cross-site and same-site requests. |
The default setting is None.
Further information
For further information about the SameSite attribute please see the following resources:
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie#samesitesamesite-value
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies#controlling_third-party_cookies_with_samesite
- https://owasp.org/www-community/SameSite
Updated 25 days ago