Unable to set SameSite=None PHP 7.4 no error no warning

857 views Asked by At

I have scoured across the Internet trying to find the correct way of setting SameSite to none.

I am at PHP 7.4.2 (CLI) I also need to work on PHP 7.3 and lower.

These are the ones I tried so far

//1
setcookie($name, $value, ['secure' => true, 'samesite' => 'None']);
//2
setcookie($name, $value, [
    'expires' => $expire,
    'path' => '',
    'domain' => '',
    'secure' => true,
    'httponly' => false,
    'samesite' => 'None',
]);

By the way, this one works

setcookie($name, $value, ['samesite' => 'Lax']); 

But this don't

setcookie($name."test4", $value, ['secure' => true, 'samesite' => 'Lax']);

This is not a problem with my browser as the similar suggestion says. I don't get any error or browser warning. The piece of code just does nothing.

As I mentioned working from docker with PHP 7.4 and Apache.

1

There are 1 answers

0
shababhsiddique On BEST ANSWER

Turned out my syntax was all right. I missed the point that when I set 'secure' to 'true' (as a byproduct of samesite none).

I just learned that when you set secure to true on cookie it means it will only set that cookie if there is a secure connection. i.e. if the site has HTTPS.

Working from localhost docker environment I didn't have HTTPS, so that's why cookie was not setting at all, no warning, or error was thrown either.

The solution was to get HTTPS, I had a test server up with HTTPS where I uploaded my application and it all worked out.