Chrome warning for cookie SameSite attribute

Just wanted to comment on one thing after receiving some additional information from a support ticket. Regarding the comment above:

I expect that a new version of the snippet will need to be released to address this.

This may not be the case, this was the last update I received:

They’ve re-evaluated what will be needed and it turns out that the change when it’s made will be made server side and no updates to your Browser script will be required.

@carl.nunes is correct, I was just given the updated information by our engineers yesterday.

Thanks! It is good to know that there will be no actions required in the month or so before thing break.

2 Likes

Yep, should be pretty seamless, from what I’m hearing from engineering.

Any update on this? The release of Chrome 80 is now less than 2 months out and if this requires a module update and/or code change, then it would be nice to have time to test that before things start breaking.

Hi there @dave13 - Good to see you in the Exoplorers Hub again. No updates. We still do not anticipate that any changes will need to be made on the customers’ end. The team is still working on the next release, so we’ll update this thread if that news changes.

Any updates on this?

Also is there any way to subscribe to this thread to get email updates? I didn’t see that as an option.

I don’t have any update right now, this is still with the engineering team.

You can subscribe to this thread by making sure you are Watching the thread with the selector here:

1 Like

We do intend to have a fix for this implemented before the Chrome update is released publicly, and at this time we are not expecting this to require customers to update their agent.

3 Likes

10 days away - got an ETA on this fix?

1 Like

I’m told that we expect the update to go to production this week.

1 Like

The change to address this Chrome update was deployed to production today.

To repeat the point made earlier in this thread, the change was made server side and customers do not need to update their agent script.

4 Likes

I still see errors
A cookie associated with a cross-site resource at http://rpm.newrelic.com/ was set without the SameSite attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with SameSite=None and Secure.

A cookie associated with a cross-site resource at http://newrelic.com/ was set without the SameSite attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with SameSite=None and Secure.

I still see errors this morning as well

@bmayhew1,

I’m correcting my earlier response here due to some inaccurate information. It would also be helpful for us to know where you were when you saw this and what browser you’re using.

@kyle999312,

We checked rpm.newrelic.com and newrelic.com both this morning and are not seeing these errors. What browser are you using and what page were you on when you experienced it?

cpac(dot)clubautomation(dot)com
Chrome - Version 79.0.3945.130 (Official Build) (64-bit) on MAC

@bmayhew and @kyle999312,

The cookie is a 3rd-party cookie that is persisted across different domains, and we think the cookie you are seeing was set before we made the change. Try clearing your cache/cookies, the new cookie should get set with the correct attribute.

I validated that when opening the site in a private chrome session (fresh cookies) the error in the console is no longer occurring. Thanks!

I’m officially confused :slight_smile:

I’ve cleared the cookies for one of our application sites, but I’m still seeing the following in the dev tools console on Chrome 79 with a couple of Chrome flags set to mimic the behaviour on Chrome 80.

In addition to those messages, I’m seeing the following cookies, most of which don’t have the SameSite values set.

In Incognito Mode, I only see the one JESSIONID cookie and none of the others.

So, I’m at a loss as to whether or not this issue is resolved, or if I’m looking at something completely different, or if I’m just misunderstanding this whole thing, or…

Any ideas?

Thanks.

  • Alek