-
Notifications
You must be signed in to change notification settings - Fork 239
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is there a suggested method for dealing with browsers disallowing third party cookies without disabling cookies altogether? #2320
Comments
Interesting use-case, the key portion is point 1 I've tagged as an enhancement as this could be added as an optional configuration that could be used by the CookieMgr code. Are the 2 domains related? ie. is there a common base domain? If there is you can use the The existing cookie configuration options are here with the typedoc here |
We have 25 .NET web apps that each run inside IFrames in the same way. (on a separate domain from the top page frame) We're in the middle of remediating them all with other cookies in use (i.e., adding partition keys), but could not find a way for the App Insights cookies to be similarly partitioned using its SDK. It doesn't appear to currently support it, and without it, our use of the SDK is going to break for tens of thousands of customers when Chrome & Edge are updated in August. We really need to be able to adopt an updated SDK and test long before then. |
One thing you can do in the meantime is to provide your own |
We have an angular application using Application Insights that we're displaying on another site via an iframe and both Chrome and Firefox are warning that in future versions they will be dropping support for third party cookies and blocking the ai_user and ai_session cookies entirely.
Screenshot from firefox:
Chrome:
We have this same issue with our identity related cookies on this embedded site, but we could fix that by adding the Partitioned attributes to our cookies (google docs, mozilla docs) when they're initially written, but it doesn't seem like Application Insights has hooks for that currently
Is there any guidance on how we can handle this now or any features in the pipeline that would allow us to handle this situation without disabling the user tracking cookies entirely?
Steps to Reproduce
The text was updated successfully, but these errors were encountered: