SameSite Cookie Attribute
The SameSite cookie attribute is used to determine whether to allow cookies to be accessed in different scenarios. You might need to change this value in scenarios where the Spotfire Server cookies are used as third-party cookies. For example, it might be needed when external web sites and Spotfire are interacting.
Note: The SameSite cookie attribute is not needed unless you have configured for HTTPS.
Use the server command-line configuration tool to specify the property. For details on using the Spotfire command line, see Executing commands on the command line.
Example:
config export-config --force
config set-config-prop --name="security.cookies.same-site" --value="None"
config import-config -c "Cookies SameSite=None"
Valid values for the property are:
- None
- Lax
- Unset
The default is
Unset
, which is a special Tomcat value, and which
preserves previous behavior.
Note: The values
None
and
Lax
are defined by rfc6265bis.
Parent topic: Optional security HTTP headers