<httpCookies httpOnlyCookies="true|false" requireSSL="true|false" domain=".domain.com" sameSite="None|Lax|Strict|Unspecified" />
When a cookie that has HttpOnlyCookies set to true is received by a compliant browser, it is inaccessible to client-side script.
Setting the sameSite attribute value to either of the Strict, Lax or None enumeration values will cause a SameSite attribute to be appended on all cookies of your application that are not Authentication or Session related. Cookies marked with SameSite=None will only be sent back to the server if marked as secure and if the connection between client and server is a secure connection.
© 2021 Digcode.com