Jump to content
Tiffany_Waggoner

Chrome samesite issue

Recommended Posts

I need to update my site, running PHP 5.6.31, to allow SameSite=None; Secure, but I'm having difficulty, as my PHP version is outdated. (I'd love to update, but I just do not have the skillset for that task).

I found on the following link https://github.com/GoogleChromeLabs/samesite-examples/blob/master/php.md
that the below is the recommended code to accomplish the task, but it does not mention which file that I should place it in, or where. 

// Set a same-site cookie for first-party contexts
header('Set-Cookie: cookie1=value1; SameSite=Lax', false);
// Set a cross-site cookie for third-party contexts
header('Set-Cookie: cookie2=value2; SameSite=None; Secure', false);

Any help with this issue would be appreciated, as I'm still a novice when working within this system.

Thank you in advance!

Share this post


Link to post
Share on other sites

This would not be a problem in Phoenix 1.0.7.7 or later, although that requires PHP 7. 


Always back up before making changes.

Share this post


Link to post
Share on other sites
23 hours ago, Tiffany_Waggoner said:

Any help with this issue would be appreciated, as I'm still a novice when working within this system.

In older versions of oscommerce, the session is started in the includes/application_top.php file.  Add the following before the line to start the session and, I think, it will work:

ini_set('session.cookie_samesite', 'None');

But it also depends on which version of php are upgrading to since the code changed for setting cookies in the later versions, after 7.2 I think.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×