menu
Logo
  • Why azing?
  • Blog
  • Help
ENarrow_drop_down
  • DE
  • EN
Suche in Checklisten
search
azing Logo ENarrow_drop_down
  • DE
  • EN
  • Why azing?
  • Help
DNN Community
drive_folder_upload
  • homeChecklist Templates
  • south
  • fiber_manual_recordOperations and Security
  • south

folder_sharedOperations and Security

  • homeChecklist Templates
  • south
  • fiber_manual_recordOperations and Security
  • south

folder_sharedOperations and Security

Folders and checklists

  • folder_sharedHosting DNN
  • check_circleConfigure SameSite Cookies for IFrames
  • check_circleDNN-​Website Performance Training (2illumin8)
  • check_circleDNN-Issues Analysis Training (2illumin8)
  • check_circleDNN-Security Training (2illumin8)
  • infoUseful Tools to analyze Website-Issues

Parts (0) expand_more

These are small document-parts which are used in other documents. They are not a starting point for any real activity. Because of this, they will be listed further down and the search will not list them unless requested. 

Just to summarize, here's what we are doing:

  1. We only care about scenarios where our DNN site is running in https.
    Other scenarios simply won't support cookies in iFrames any more. 
  2. We primarily care about httpOnly cookies.
    These are cookies which the server sets, and receives again, but JS cannot access. These cookies are used for authentication and similar. These cookies are extra secure - since JS cannot access them, it also cannot abuse them from another frame. But we need them, so postback calls and login state work. 
  3. These httponly must be set to sameSite=None (see docs) because
    This means that they can be used in IFrames (another site). 
  4. AND they must also be set to Secure
    Otherwise Chrome etc. will ignore the SameSite completely. So these cookies will only be allowed if you're running https.

You can read more about this in the chromium blog.

Logo
Legal | Content Copyright CC-BY 4.0
bug_reportReport Bug
  • info
  • Links
  • Permissions
code Share
code
URL copied to clipboard.
Embed Checklist close
Copy Copy
Content Copyright

CC-BY 4.0

Translations

None

DNN Community Logo

DNN Community
QR-Code
azing.org/dnn-community
/r/F_ctdrJj
View & Use

Public (can be used by everybody)

Edit & Admin

Default (all members can edit)

This catalog has a simple permission model, where all members have the same permissions. For advanced permissions, upgrade to Enterprise.

Here you can see how this document is used and linked by other documents

Used in (1)

Others referencing this

  1. Configure SameSite Cookies for IFrames
Uses these (0)

Documents linked from this document

How it Behaves

How this document is categorized changes how it behaves.

This is a partial document. It is listed below the normal documents, and is hidden in the default search.

It belongs to Configure SameSite Cookies for IFrames

Type

This is an Information. Lists are treated as information and not as checkboxes'

Get something to say?

Comment to start a discussion or make a note
send

please log on to chat

close

Durchsuche ganz Azing