This is really important. I have a production application breaking now when clients update their Chrome to a version that rejects any cookies without this set. It should be an easy fix, no? Express has already been updated to support this.
Any progress? I also have a production app that users are no longer able to log in to.
Bump. Having the same issue. Can we please support sameSite: 'none'?
Yes, need this supported please!
You should be able to get it working by resolving Express to a newer version such as 4.17.0. You can add this to your package.json file as an extra field.
"resolutions": {
"express": "4.17.0"
}
If you are using yarn then support for this functionality is included out of the box, if you are using npm then you need to use a package such as npm-force-resolutions. This should allow you to then set the sameSite property. 馃檪
https://github.com/rogeriochaves/npm-force-resolutions#how-to-use
As an update to this issue, you can fix it by deleting your package-lock.json or yarn.lock file and then reinstalling the npm packages. When you install the npm packages it should then resolve to a newer version of Express that supports the sameSite option and you will get a updated package-lock.json 馃檪
Most helpful comment
Any progress? I also have a production app that users are no longer able to log in to.