Feb 13, 2020 — Selective use of “SameSite” cookie attributes

We recently enhanced AMD's Cookie-based Token Authentication functionality to maintain compatibility with Google’s updates to their SameSite Cookie attribute, with Chrome version 80 and later.

With this new change, ​Akamai​ is more selective when explicitly setting the “SameSite=None” and “Secure” attributes for token cookies. ​Akamai​ identifies cross-site requests by looking for the presence of the “Origin” header and sets the “SameSite=None” and “Secure” attributes only if this request header is present.