London Dev Meetup Rescheduled! Due to unavoidable reasons, the event has been moved to 21st May. Speakers remain the same—any changes will be communicated. Seats are limited—register here to secure your spot!

AI OnAI Off

SameSite setting for Forms cookies

Arjan Paauw
Arjan Paauw
Vote:
 

Is it possible to set the SameSite property on the cookies emitted by the Forms module?
e.g.:

.EPiForm_BID
.EPiForm_VisitorIdentifier
EPiForm_21239097-....
#337201
Mar 14, 2025 5:24
Paul Gruffydd
Paul Gruffydd
Vote:
 

I don't think there's any way to configure the value for the forms cookies through any kind of forms configuration though there are other options available. One way would be to set a cookie policy in your startup.cs like this (though bear in mind it will be applied to all cookies):

app.UseCookiePolicy(
    new CookiePolicyOptions
    {
        MinimumSameSitePolicy = SameSiteMode.Lax,
        Secure = CookieSecurePolicy.SameAsRequest,
        HttpOnly = Microsoft.AspNetCore.CookiePolicy.HttpOnlyPolicy.Always
    });

#337494
Mar 26, 2025 22:52
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.