Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-68380

Chrome 80 cookies problem (SameSite)

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Cannot Reproduce
    • Icon: Major Major
    • None
    • 3.5.11, 3.6.9, 3.7.5, 3.8.2
    • LTI provider
    • MOODLE_35_STABLE, MOODLE_36_STABLE, MOODLE_37_STABLE, MOODLE_38_STABLE

      Hello,

       

      we at 3ipunt have checked that the cookies are not being sent successfully in Chrome 80.

      We found the problem in LTI activities, but everything that requires a cookie could be affected too.

       

      This behaviour was introduced first in https://tracker.moodle.org/browse/MDL-67175

       

      Steps for reproducing the error:

      1 - Access a course

      2 - Create an external tool activity (LTI)

      3 - Select 'Embedded' as visualization type

      4 - Click in the activity

       

      Expected error:

      Moodle shows the login page of the provider LTI, instead of logging the user into the LTI provider.

       

      The cookies that are being sent are not marked with 'SameSite, Secure' flag so Chrome 80 rejects them.

       

      It has been tested in both 149 and 162 Chrome 80 version, working on 149, but not on 162.

       

      Cheers.

            Unassigned Unassigned
            xyulex Raúl Martínez
            Votes:
            3 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.