Add Cookie SameSite None to Drupal7 and PHP7.0

951 Views Asked by Charles At 05 April 2020 at 08:37

Is there a good solution to add the Cookie SameSite None configuration to a Drupal7 and PHP7.0 setup?

My only finding was to override the file includes/session.inc from :

setcookie(session_name(), session_id(), $expire, $params['path'], $params['domain'], $params['secure'], $params['httponly']);

header("Set-Cookie: {$cookie_name}={$session_id}; Domain=localhost; Path={$params['path']}; SameSite=None; Secure; HttpOnly; ");

It does not even seem to work in all situations...

There are 1 best solutions below

roger at versantus On 23 June 2020 at 12:33

It's a bit of a hack but you can set SameSite to None for the session cookie by adding this to your settings.php :

ini_set('session.cookie_path', '/; samesite=None');