I wonder how is squidex prepared to deal google chrome’s cookies policy [here].(https://www.chromestatus.com/feature/5633521622188032)
As long as you run squidex under https it is fine.
Thanks, but if I have the identity server on a different domain, it definitely causes silent token renew to fail because iframe thinks it is a cross-domain request.
But how is this related to cookies?
Iframe silent token renew and tokens:
Thx, I will test it…but I still don’t see how it is related to an external identity server…
I have integrated the fix into Squidex.
That’s great. Were you actually able to see the issue and be sure that this code did fix the warning cookie samesite messages?
No, I have never seen it :(…with https you do not have issues and I do not have safari available
Cool. Anyways I am adding it here just for your reference:
Cookies not set with same site:
Is this Squidex Identity?
Nope. It is an independent identity server but I am using it for squidex.
But what do I have to do with the cookies of your identity server?