Question

2
Replies
39
Views
Close popover
Srikrishnakanth Koppuravuri (Srikrishnakanth)
Infosys

Infosys
IN
Srikrishnakanth Member since 2013 5 posts
Infosys
Posted: 1 week 5 days ago
Last activity: 1 week 4 days ago

Change JSESSIONID cookie samesite attribute to "None" for Chatbot mashup

Hello,

We are implementing Webchatbot and this mash-up uses two cookies JSESSIONID and PegaRULES. Chatbot works fine in Firefox but not in Chrome. Upon analysis, we found that the Chrome is blocking the cookies in cross site context if the cookie's samesite attribute value is not set. 

We updated the PegaRULES samesite value using a DSS but how to set the JSESSIONID cookie's samesite in Pega?

We understand that JsessionID is set by application server, not Pega. If the cookie samesite is not set then the Chatbot is not working. 

Our IT-ops team doesn't want to update this cookie as it might affect other Pega applications as well and concerned about security. 

Note: In CSRF settings landing page, I enabled the SameSite and set it to "None" but this is not setting the JSESSIONID cookie. 

Pega Customer Service Conversational Channels Financial Services