Bug Report
Summary
Firefox warns about the laminas-hidden cookie. In specific, it references the following documentation: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite#samesitenone_requires_secure
The problem is that the cookie will be rejected by future browser versions.
Current behavior
laminas-hidden cookie is set with SameSite=None and without secure.
I believe the code responsible for this behaviour is located here: https://github.com/laminas/laminas-developer-tools/blob/2.4.x/view/laminas-developer-tools/toolbar/toolbar.js
How to reproduce
Enable the laminas-developer-tools toolbar. Visit your website. Observe the console output of your browser.
Expected behavior
No warnings should be thrown.
Since not all websites under development are served over a secure connection, I propose setting SameSite=Lax.
Bug Report
Summary
Firefox warns about the
laminas-hiddencookie. In specific, it references the following documentation: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite#samesitenone_requires_secureThe problem is that the cookie will be rejected by future browser versions.
Current behavior
laminas-hiddencookie is set withSameSite=Noneand withoutsecure.I believe the code responsible for this behaviour is located here: https://github.com/laminas/laminas-developer-tools/blob/2.4.x/view/laminas-developer-tools/toolbar/toolbar.js
How to reproduce
Enable the laminas-developer-tools toolbar. Visit your website. Observe the console output of your browser.
Expected behavior
No warnings should be thrown.
Since not all websites under development are served over a secure connection, I propose setting
SameSite=Lax.