SameSite cookies with Apache

#web

Almost two years ago I wrote about how you can enable SameSite cookies with IIS on cookies that do not have the ability to be written as SameSite. Today I was helping a client on Apache do the same thing, here's how we can add SameSite=lax to a JSESSIONID cookie for example:

Header edit Set-Cookie ^(JSESSIONID.\*)$ $1;SameSite=lax

But suppose you just wanted to make all cookies set by your web app SameSite, you can just do this:

Header edit Set-Cookie ^(.\*)$ $1;SameSite=lax

This works by appending ;SameSite=lax to the end of all Set-Cookie http response headers.

Top comments (0)

Study Shows Why AI Can't Match Human Moral Choices in Organ Transplant Decisions

Mike Young - Mar 9

AI Creates Perfect Fake Data: New System Outperforms Competitors by up to 97%

Mike Young - Mar 9

AI System Sets Math Olympiad Record: New Training Method Boosts Problem-Solving Accuracy by 32%

Mike Young - Mar 9

Small Language Models Match Large AI Performance in Specialized Tasks While Using 75% Less Resources

Mike Young - Mar 9

DEV Community

SameSite cookies with Apache

Top comments (0)

Introducing Qodo Gen 1.0: Transform Your Workflow with Agentic AI

Read next

Study Shows Why AI Can't Match Human Moral Choices in Organ Transplant Decisions

AI Creates Perfect Fake Data: New System Outperforms Competitors by up to 97%

AI System Sets Math Olympiad Record: New Training Method Boosts Problem-Solving Accuracy by 32%

Small Language Models Match Large AI Performance in Specialized Tasks While Using 75% Less Resources