[wp-trac] [WordPress Trac] #37000: Support for the SameSite cookie attribute
WordPress Trac
noreply at wordpress.org
Tue Jan 26 17:19:58 UTC 2021
#37000: Support for the SameSite cookie attribute
-------------------------------------------------+-------------------------
Reporter: johnbillion | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Future
| Release
Component: Security | Version:
Severity: normal | Resolution:
Keywords: has-patch dev-feedback needs-dev- | Focuses:
note has-unit-tests | administration
-------------------------------------------------+-------------------------
Comment (by mikejolley):
I am building a headless site on a different domain supporting logins via
the Rest API/WPGraphQL using cookies. I require `samesite=none`.
To workaround this issue I have to use the `set_auth_cookie` and
`set_logged_in_cookie` actions to set the cookies manually, and bail
before WP sets it's cookies using the `send_auth_cookies` filter.
This is quite a lot of code that could be better achieved if WP had a
wrapper for it's setcookie function—one which provided a filter, or method
of short circuiting it based on the cookie name.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37000#comment:42>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list