SameSite cookie patch
Recent browser changes breaks SAML SSO scenario due to lack of or incorrect value in the PhxAuthN cookie.
This patch adds "SameSite=None" value to the cookie. Note that in order for this to work properly communications must be done using a TLS protected channel between client browser and server.
How to apply.
Download the zip and follow the instructions in the readme included in the zip
| File name | SHA 256 checksum |
|---|---|
| 202002140.zip |
ef39cc1f9a5d002798d095fbde338fa0f50487e674791053a0c050fb3b516540 |
How to verify applied patch
Browse to a page on your SAML IDP.
Open your browser Developer Tools.
Find the cookies section for your IDP hostname.
Verify that the cookie for PhxAuthN has parameter SameSite=None and Secure=true