SameSite Cookies

web.dev has a very insightful article on SameSite cookies. Read it to understand how they work.

| Value | Intended Use | Example |
| --- | --- | --- |
| SameSite=Lax | Functionality affecting the display of the site. Includes first request. | Theme switcher |
| SameSite=Strict | Relating to actions the user initiates. From second request. | Password change |
| SameSite=None | Functionality affecting the embedding of the site content. Cookies with SameSite=None must also specify Secure, meaning they require a secure context. | Watch it later button |
| - | Legacy. Cookies without a SameSite attribute will be treated as SameSite=Lax. | - |
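
The table's rules written as a simplified model of the browser's decision. This is an added example, not code from the original page or the web.dev article; the cookie names and values, the function names and the request-object shape are constructed for illustration, and every request is assumed to go over HTTPS.

```javascript
// Added example: simplified model of how a browser applies SameSite.
// Function names and the request-object shape are hypothetical.

// Split a Set-Cookie header value into its name and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const name = pair.slice(0, pair.indexOf("="));
  const flags = new Map();
  for (const attr of attrs) {
    const [key, value = ""] = attr.split("=");
    flags.set(key.trim().toLowerCase(), value.trim().toLowerCase());
  }
  return { name, flags };
}

// Effective policy for a cookie: "strict", "lax", "none" or "rejected".
function effectiveSameSite(header) {
  const { flags } = parseSetCookie(header);
  const declared = flags.get("samesite");
  if (declared === "none") {
    // SameSite=None is only accepted together with Secure.
    return flags.has("secure") ? "none" : "rejected";
  }
  if (declared === "strict") return "strict";
  // A missing attribute (legacy cookie) is treated as Lax.
  return "lax";
}

// Would the cookie be attached to this request?
// request: { sameSite: boolean, topLevelNavigation: boolean, method: string }
function isSent(header, request) {
  const policy = effectiveSameSite(header);
  if (policy === "rejected") return false;
  if (request.sameSite || policy === "none") return true;
  if (policy === "strict") return false;
  // Lax: cross-site only on a top-level navigation with a safe method.
  return request.topLevelNavigation && request.method === "GET";
}

// Constructed sample requests: a link followed from another site,
// and this site embedded in another site's iframe.
const crossSiteLink = { sameSite: false, topLevelNavigation: true, method: "GET" };
const crossSiteIframe = { sameSite: false, topLevelNavigation: false, method: "GET" };

console.log(isSent("theme=dark; SameSite=Lax", crossSiteLink));           // Lax: first request
console.log(isSent("sid=abc; SameSite=Strict; Secure", crossSiteLink));   // Strict: not yet
console.log(isSent("later=1; SameSite=None; Secure", crossSiteIframe));   // None: embedded
```

A cookie that comes back as "rejected" here is the case to look for in review: SameSite=None set without Secure, which never reaches the embedded context it was meant for.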