same site = none and secure error on my django reactjs application

Hi Experts,

I get the following errors on my developer console on my chrome browser.

A cookie associated with a cross-site resource at http://pinterest.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.

(index):1 A cookie associated with a cross-site resource at http://www.facebook.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.

Open in new window


How to resolve this error.  My application is Django application on back end and Reactjs on front-end

I had to make an api call from my front end.   I was getting cors error.  The things I had done for this is as follows:

I had made mode:'no-cors'

will this cause an error?

   fetch("https://territorystories.nt.gov.au/rest/login?email=user@nt.gov.au&password=*******",
         {credentials:"include",crossDomain:true, mode: 'no-cors',headers:{'content-type':'application/x-www-form-urlencoded'}})
      .then(
        (result) => {
            localStorage.setItem('sessionid', result.sessionid);
        })
      .catch(error => console.log("error- ", error));
  }

Open in new window


Please help in resolving this issue.

Any help is highly appreciated
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
coderdeveloper

Author

Commented:
Hi All,

I had commented on the fetch code, still, I face the same issue.  Please help me in resolving this issue
leakim971Multitechnician
Top Expert 2014
Commented:
this is not an error but a browser warning about its future :
https://support.google.com/chrome/thread/16654793?hl=en
coderdeveloper

Author

Commented:
HI Leakim,

Thanks for your response,  Could you please tell me how to set response.setHeader("Set-Cookie", "HttpOnly;Secure;SameSite=None"); in Django or wagtail?   Do I need to set this value for request or for the response?

Apart from this, I am making a call to Fetch on this application front-end(Reactjs).  Will this break after making this set headers.

The code which is causing this problem in the django's application

  <script type="text/javascript" async defer src="//assets.pinterest.com/js/pinit.js"></script>
  <script defer>
    window.fbAsyncInit = function() {
      FB.init({
        appId: "{{facebook_app_id}}",
        xfbml: true,
        version: "v2.8"
      });
      FB.AppEvents.logPageView();
    };

    (function(d, s, id){
       var js, fjs = d.getElementsByTagName(s)[0];
       if (d.getElementById(id)) {return;}
       js = d.createElement(s); js.id = id;
       js.src = "//connect.facebook.net/en_US/sdk.js";
       fjs.parentNode.insertBefore(js, fjs);
     }(document, 'script', 'facebook-jssdk'));
  </script>

Open in new window



Thank you
Announcing the Winners!

The results are in for the 15th Annual Expert Awards! Congratulations to the winners, and thank you to everyone who participated in the nominations. We are so grateful for the valuable contributions experts make on a daily basis. Click to read more about this year’s recipients!

Multitechnician
Top Expert 2014
Commented:
you don't own the facebook code, so wait Facebook update their script, this warning will disappear
coderdeveloper

Author

Commented:
Thank you,

I will ignore these warnings.  Simliarly I hope pinterest error will also vanish as they update their code.

Thank you
coderdeveloper

Author

Commented:
Thanks Leakim,

I think similarly pinterest error will as vanish when they update.  I will ignore these warnings and proceed.

Thank you
leakim971Multitechnician
Top Expert 2014

Commented:
Simliarly I hope pinterest error will also vanish as they update their code.

yes
leakim971Multitechnician
Top Expert 2014

Commented:
you welcome

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial