Take the community feedback survey now.

AI OnAI Off

SameSite setting for Forms cookies

Arjan Paauw
Arjan Paauw
Vote:
 

Is it possible to set the SameSite property on the cookies emitted by the Forms module?
e.g.:

.EPiForm_BID
.EPiForm_VisitorIdentifier
EPiForm_21239097-....
#337201
Mar 14, 2025 5:24
Paul Gruffydd
Paul Gruffydd
Vote:
 

I don't think there's any way to configure the value for the forms cookies through any kind of forms configuration though there are other options available. One way would be to set a cookie policy in your startup.cs like this (though bear in mind it will be applied to all cookies):

app.UseCookiePolicy(
    new CookiePolicyOptions
    {
        MinimumSameSitePolicy = SameSiteMode.Lax,
        Secure = CookieSecurePolicy.SameAsRequest,
        HttpOnly = Microsoft.AspNetCore.CookiePolicy.HttpOnlyPolicy.Always
    });

#337494
Mar 26, 2025 22:52
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.