Configuring the SameSite cookie attribute

Configure the SameSite cookie attribute so that a Domino web server can declare that browsers send its cookies only with requests that originate from the Domino server web site.

About this task

Using the SameSite cookie attribute reduces the risk of cross-site request forgery (CSRF). You can configure the SameSite cookie attribute in one of these documents in the Domino directory: Server document, Web Site document (single server), or Web SSO Configuration document (multiple servers). Alternatively, you can configure the attribute through a notes.ini server setting.

Choose one of these values for the attribute:


Configuring the SameSite cookie attribute through the Domino directory

Procedure

1. Find the SameSite cookie attribute field in the Web document you use:
| Document | Location of field |
| --- | --- |
| Server document | Internet Protocols -> Domino Web Engine tab, HTTP Sessions section |
| Web Site document | Domino Web Engine tab, HTTP Sessions section |
| Web SSO Configuration document | Basics tab, Token Configuration section |


2. For SameSite cookie attribute, select one of the following options:

Configuring the SameSite cookie attribute through a notes.ini setting

About this task

Use one of the following notes.ini settings to configure the SameSite cookie attribute on a web server. In addition, make sure that the SameSite cookie attribute field in the web server document is set to Use browser default or INI setting.


where value is one of the following values representing the desired SameSite attribute:
| Value | SameSite attribute |
| --- | --- |
| 1 | Strict |
| 2 | Lax |
| 3 | None |
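
To confirm that a change took effect, compare the Set-Cookie headers the web server returns with the value you configured. The following is an added example, not part of the original documentation or of Domino itself: it uses the 1/2/3 mapping from the table above, and the cookie names and header lines are constructed sample data.

```python
# Added example: audit Set-Cookie headers against the configured SameSite value.
# The 1/2/3 mapping is the page's table; cookie names and headers are constructed.
INI_VALUE_TO_SAMESITE = {1: "Strict", 2: "Lax", 3: "None"}


def parse_set_cookie(header):
    """Return (cookie_name, {lowercased attribute: value}) for one Set-Cookie value."""
    first, *rest = [part.strip() for part in header.split(";")]
    name = first.split("=", 1)[0]
    attrs = {}
    for part in rest:
        if part:
            key, _, value = part.partition("=")
            attrs[key.strip().lower()] = value.strip()
    return name, attrs


def audit_cookies(headers, ini_value):
    """List (cookie, problem) pairs for cookies that do not match the setting."""
    expected = INI_VALUE_TO_SAMESITE[ini_value]
    findings = []
    for header in headers:
        name, attrs = parse_set_cookie(header)
        actual = attrs.get("samesite")
        if actual is None:
            findings.append((name, "SameSite attribute missing"))
        elif actual.lower() != expected.lower():
            findings.append((name, f"SameSite={actual}, expected {expected}"))
        # Current browsers reject SameSite=None cookies that lack Secure.
        if actual is not None and actual.lower() == "none" and "secure" not in attrs:
            findings.append((name, "SameSite=None without Secure"))
    return findings


# Constructed sample headers, as they might be copied from a response capture.
SAMPLE_HEADERS = [
    "SessionA=abc123; Path=/; HttpOnly; Secure; SameSite=Strict",
    "SessionB=def456; Path=/; HttpOnly",
    "SessionC=ghi789; Path=/; SameSite=None",
]

if __name__ == "__main__":
    for cookie, problem in audit_cookies(SAMPLE_HEADERS, ini_value=1):
        print(f"{cookie}: {problem}")
```

An empty result means every captured cookie carries the expected attribute.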