Modern UX and cross-site cookie warnings
Article ID: 205413
Updated On:
Products
Issue/Introduction
We're now running Firefox 83.0 and we're seeing all these
Is this something that Broadcom is aware of? Do you have any further information?
Cause
DESCRIPTION FOR RELEASE NOTES:
SUMMARY: Firefox 83.0 is showing cross-site cookie warnings in the logs.
Cookie “NG_TRANSLATE_LANG_KEY” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the “secure” attribute. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
STEPS TO REPRODUCE:
1- Using Firefox 84 or later version, bring up the URL for the Modern UX
2- Open the Web Inspector > "Console"
3- Refresh the Clarity /pm page
4- The web inspector will show this message fpr a cookie:
Cookie “NG_TRANSLATE_LANG_KEY” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the “secure” attribute. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
Expected Results: Cookies from clarity have the required/recommended SameSite attribute WITH the "secure" attribute
Actual Results: Cookies from clarity do NOT have the required/recommended SameSite attribute with the "secure" attribute
Workaround:
This message is a warning for now, but could become a serious problem soon if Firefox starts to block these cookies.
Environment
Release : 15.8.1, 15.9
Component : CA PPM SECURITY INTEGRATION
Resolution
DE59126
Additional Information
Warning Text from the screenshot:
Cookie “NG_TRANSLATE_LANG_KEY” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the “secure” attribute. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite
Attachments
Feedback
