Feb 13, 2020 — Selective use of “SameSite” cookie attributes
over 3 years ago by cverner@akamai.com
We recently enhanced AMD's Cookie-based Token Authentication functionality to maintain compatibility with Google’s updates to their SameSite Cookie attribute, with Chrome version 80 and later.
With this new change, Akamai is more selective when explicitly setting the “SameSite=None” and “Secure” attributes for token cookies. Akamai identifies cross-site requests by looking for the presence of the “Origin” header and sets the “SameSite=None” and “Secure” attributes only if this request header is present.