IE 11 is not accepting SameSite cookies

3.2k views Asked by At

I know it is a big topic in the internet, but I could not find any working solution till now.

Some of my clients integrate my website thourgh a iframe. In Firefox/Chromium everything works fine after I set the SameSite attribute to None and added Secure to it.

Now there is also a IE11 in the world and I don't know what to do else to make it my cookies right, so the IE11 accepts them.

This is what the IE11 gets:

Set-Cookie: JSESSIONID=CFA2E0643F0CA81B68B4A984D7FC429D; Path=/; Secure; HttpOnly;SameSite=None;Secure
Set-Cookie: JSESSIONID=CFA2E0643F0CA81B68B4A984D7FC429D; Expires=Mon, 05-Oct-2020 15:19:46 GMT; Path=/; Secure; HttpOnly;SameSite=None;Secure
Set-Cookie: my-cart=f5e5dcea-8d9e-33a6-b228-9e7e6dc04f4a; Expires=Wed, 03-Mar-2032 06:19:46 GMT; Path=/; Secure; HttpOnly;SameSite=None;Secure
Set-Cookie: sessionExpiry=; Max-Age=3605; Expires=Mon, 05-Oct-2020 15:19:51 GMT; Path=/; Secure;SameSite=None;Secure
Set-Cookie: anonymous-consents=%5B%5D; Max-Age=31536000; Expires=Tue, 05-Oct-2021 14:19:46 GMT; Path=/;SameSite=None;Secure
Set-Cookie: cookie-notification=NOT_ACCEPTED; Max-Age=360000000; Expires=Wed, 03-Mar-2032 06:19:46 GMT; Path=/; Secure;SameSite=None;Secure

As you can see, the Path starts with /. The Expires is set, if needed and the time is correct.

Is there anything else what I missed?

1

There are 1 answers

5
Yu Zhou On

As you're using Windows Server 2012, the root cause of the issue is that SameSite cookie is only supported in IE 11 on Windows 10 RS3 (2017 Fall Creators Update) and newer. So it doesn't work on your machine.

More information to reference:

(1) caniuse website

(2) SameSite Browser Compatibility

(3) Change status of SameSite cookie


To make cross domain cookies work with IE, I found some similar threads: link1, link2, and they all point to using P3P policy. You can refer to this answer for the detailed information about how to use P3P policy.