Why is it necessary to check the browser and only set the SameSite/Secure attributes for compatible clients? Would something bad happen if you just set it in your config/session.php and used it for all users? Any clients that do not recognize SameSite=None should ignore it and carry on as if the attribute was not set.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Why is it necessary to check the browser and only set the SameSite/Secure attributes for compatible clients? Would something bad happen if you just set it in your config/session.php and used it for all users? Any clients that do not recognize SameSite=None should ignore it and carry on as if the attribute was not set.