cancel
Showing results for 
Search instead for 
Did you mean: 

How to setup Service Layer set-cookies with SameSite = None?

former_member766066
Discoverer

I have a project in angular making requests to the HANA service layer: login and later other types of requests such as get and patch. As you may know, a recent update to browsers caused all set-cookies requests without the samesite attribute to be treated as LAX requests. For obvious reasons, cross site LAX set-cookie requests are blocked and ignored by browsers.

I have tried to perform different methods so that the service layer nests the samesite attribute to the set-cookie requests from the login endpoint, even the one specified here https://blogs.sap.com/2020/08/26/how-to-fix-google-chrome-samesite-cookie-issue-with-sac-and-hana/, but I had no satisfactory results. Is there any other way to add this attribute to such requests?

former_member751591
Participant
0 Kudos

Welcome and thanks for visiting SAP Community to get answers to your questions. Check out our tutorial to get started in SAP Community.

By adding a picture to your profile you encourage readers to respond to your question. Learn more about your Profile here.

rahuljain257
Participant
0 Kudos

Hey, Did you find the solution for the same ?

former_member766066
Discoverer

Hi, yes. Even though i had to look into the official SAP blog (i think it's the SAP note 3080362)

In the SAP b1 installation folder(usr/sap/SAPBusinessOne in unix), look for ServiceLayer/conf folder. In it there's a file named httpd-b1s-lb.conf and open it

look for the <Ifmodule mod_headers.c>

and add the following:

Header edit Set-cookie ^(.*)$ $1path=/b1s;Secure;SameSite=None

if the ifmodule is not present, you'll have to add it before TraceEnable=off

Hope I made myself understand, any doubt comment here again.

rahuljain257
Participant
0 Kudos

Thanks You for your response, Its very much clear to understand & it resolved my issue.

Also I had a word with Ankit Chauhan and this issue is resolved by SAP Development Team,

This issue has been fixed in Feature Package 2108 for SAP Business One Version 10.0 and is documented in SAP Note 3080362.

Former Member

Hi,

I believe this is SAP central note regarding your topic

2887651 - Issues with SameSite cookie handling

Cheers,

Luis

Accepted Solutions (0)

Answers (0)