Manual:$wgCookieSameSite/en
From Linux Web Expert
| <translate> Cookies</translate>: $wgCookieSameSite | |
|---|---|
| The SameSite cookie attribute used for login cookies. |
|
| <translate> Introduced in version:</translate> | 1.34.3 (Gerrit change 608993; git #f8a7a1ac) |
| <translate> Removed in version:</translate> | <translate> still in use</translate> |
| <translate> Allowed values:</translate> | "Lax", "Strict", "None" or an empty string/null |
| <translate> Default value:</translate> | null (gerrit:608993, gerrit:612335, gerrit:615843) |
| <translate> Other settings:</translate> <translate> Alphabetical</translate> | <translate> By function</translate> | |
Details
This only applies to login cookies, since the correct value for other cookies depends on what kind of cookie it is.
SameSite=None is only permitted for HTTPS requests. See $wgForceHTTPS).Addition
This variable was added in MediaWiki 1.35.0 (gerrit:608993).
It was backported to 1.34 as part of the MediaWiki 1.34.3 release (gerrit:612335).
It was also backported to 1.31 as part of the MediaWiki 1.31.9 release (gerrit:618543).
See also
- Manual:SameSite cookies
$wgUseSameSiteLegacyCookies- T255366 - tracking issue for SameSite-related problems
