Question5Replies392Views KevinR13 Member since 2017 2 posts Sopra Posted: January 14, 2020Last activity: March 30, 2020 How to implement sameSite cookie flag in Pega 7.2.2 ?Hello,We will work on Pega 7.2.2 and we have a mashup implemented in production. Some users use Google Chrome browser and in February 2020, Google will implement the new secure cookie model:https://blog.chromium.org/2019/10/developers-get-ready-for-new.htmlA new flag must be present in cookie to enable the cookie transmission between the same domain when the users not use the same web site. So I want to know how to implement it in Pega ?Regards, Pega Platform Low-Code App Development Security ×Close popoverFacebookTwitterLinkedinEmail Copy Link Copied! Posted: 9 months agoHarish_GCS PEGA replied to KevinR13The support for the usage of samesite cookie attribute has been added from 8.3 Pega version onwards. You need to upgrade to the latest version to get support. https://community.pega.com/sites/default/files/help_v83/procomhelpmain.htm#security/configuring-cross-site-request-forgery-settings-tsk.htm Posted: 9 months agoSridhar Healthfirst replied to Harish_GCSHi Harish,The added support in v8.3 only provides options to set the flag to Lax or Strict, but the chrome 80 update would need Pega to set the flag to 'none' for the mashup to work. Isn't that so? Posted: 8 months agoStojanchoS Vodafone replied to SridharThat is correct. We were told by Pega Support that SameSite=None is supported from Pega 8.3.2. Posted: 8 months agoherna PEGA replied to StojanchoSI don't see that option in Pega 8.4 , I only see Lax and Strict. Posted: 7 months agoHarish_GCS PEGA replied to hernaHi Herna, The option is not available in 8.4 but should be available in 8.4.1. Currently, it's included in 8.3.2 & 8.2.6.Look at the solution mentioned in the below article:- https://community.pega.com/knowledgebase/articles/pega-web-mashup/troubleshooting-corb-error-pega-web-mashups-chrome-80-samesite-cookies Let me know if that helps!