id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 1890 Cookie SameSite support for userid module c1aphas@… "Upcoming release of Chrome 80 will make cookies with SameSite=Lax by default. https://www.chromestatus.com/feature/5088147346030592 This will break our advertising and tracking mechanics. We are using userid cookie for many of our projects placed on subdomains. For now, we are allowing crossdomain uid cookies with: {{{ userid_path '/; Secure; SameSite=None'; }}} But there is a problem with some old browsers: cookies with SameSite are declined https://www.chromium.org/updates/same-site/incompatible-clients Can we have option to control SameSite attribute in userid_module? And not enabling this feature for ""incompatible-clients"" list PS: We could do this with map, but userid module doesn't support variables {{{ map ""$http_user_agent"" $userid_path { default ""/;""; ""Chrome 64"" ""/; Secure; SameSite=None""; } }}} ... {{{ userid_path $userid_path; }}} Results: {{{ Set-Cookie: uid_test=fwAAAV3KnIGr0OrKAwMFAg==; path=$userid_path }}} " enhancement closed major other 1.17.x fixed userid cookies Darwin Kernel Version 19.0.0: Thu Oct 17 16:17:15 PDT 2019; root:xnu-6153.41.3~29/RELEASE_X86_64 x86_64 "nginx version: nginx/1.17.0 built by clang 10.0.1 (clang-1001.0.46.4) built with OpenSSL 1.0.2r 26 Feb 2019 (running with OpenSSL 1.0.2s 28 May 2019) TLS SNI support enabled configure arguments: --prefix=/usr/local/Cellar/nginx/1.17.0 --sbin-path=/usr/local/Cellar/nginx/1.17.0/bin/nginx --with-cc-opt='-I/usr/local/opt/pcre/include -I/usr/local/opt/openssl/include' --with-ld-opt='-L/usr/local/opt/pcre/lib -L/usr/local/opt/openssl/lib' --conf-path=/usr/local/etc/nginx/nginx.conf --pid-path=/usr/local/var/run/nginx.pid --lock-path=/usr/local/var/run/nginx.lock --http-client-body-temp-path=/usr/local/var/run/nginx/client_body_temp --http-proxy-temp-path=/usr/local/var/run/nginx/proxy_temp --http-fastcgi-temp-path=/usr/local/var/run/nginx/fastcgi_temp --http-uwsgi-temp-path=/usr/local/var/run/nginx/uwsgi_temp --http-scgi-temp-path=/usr/local/var/run/nginx/scgi_temp --http-log-path=/usr/local/var/log/nginx/access.log --error-log-path=/usr/local/var/log/nginx/error.log --with-compat --with-debug --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_degradation_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-ipv6 --with-mail --with-mail_ssl_module --with-pcre --with-pcre-jit --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module"