I have an online shopping site and I have to connect to the payment gateway to buy. Newer versions of Chrome have a new policy. That said, you should add an attribute called sameSite to your cookies. When I set-cookie attribute, I add sameSite = none and secure to the cookie. Isn't this a problem in terms of security? Because I think our cookie is sent to every site and it is not secure.
Do you think there is a way to restrict the sending of cookies?
That is, for example, if we allow the user to send a cookie only for the payment gateway?
Asked
Active
Viewed 331 times
2
-
This question may be on-topic on https://security.stackexchange.com/ – A.L Aug 01 '22 at 14:17