
How to enable the SameSite flag for ‘cookiesession1’

This article describes how to enable the SameSite flag for ‘cookiesession1’. Other related Server Policy settings may need to be configured first; refer to the documentation at the end of this article for more information on the setup.

Scope

FortiWeb and FortiWeb-VM.

Solution

From CLI:

The SameSite flag is disabled by default and can be enabled using the following CLI command:

config server-policy policy
edit "<policy_name>" <----- Server Policy.
set internal-cookie-samesite enable <----- Enable SameSite flag for 'cookiesession1'.
end

The default SameSite value is lax. The value can be changed using the following CLI command:

config server-policy policy
edit "<policy_name>"
set internal-cookie-samesite-value {strict | lax | none}
end
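
To confirm the setting took effect, check the Set-Cookie headers returned through the policy. The following Python is an added example, not Fortinet code: the function names are hypothetical and the sample header values (cookie value, Path, HttpOnly) are constructed. It also flags SameSite=None without Secure, a combination current browsers reject.

```python
# Added example: check the SameSite attribute on FortiWeb's cookiesession1.
# All sample header values below are constructed, not captured from a device.
ALLOWED = {"strict", "lax", "none"}  # values of internal-cookie-samesite-value


def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attrs)."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value, attrs


def check_samesite(set_cookie_headers, expected="lax", cookie="cookiesession1"):
    """Return a list of findings; an empty list means the cookie is as configured."""
    findings, seen = [], False
    for header in set_cookie_headers:
        name, _, attrs = parse_set_cookie(header)
        if name != cookie:
            continue
        seen = True
        samesite = attrs.get("samesite")
        if samesite is None:
            findings.append("SameSite attribute missing")
            continue
        samesite = samesite.lower()
        if samesite not in ALLOWED:
            findings.append(f"unrecognised SameSite value: {samesite}")
        elif samesite != expected.lower():
            findings.append(f"SameSite is {samesite}, expected {expected.lower()}")
        # Browsers reject SameSite=None cookies that lack the Secure attribute.
        if samesite == "none" and "secure" not in attrs:
            findings.append("SameSite=None without Secure")
    if not seen:
        findings.append(f"{cookie} not set in this response")
    return findings


# Constructed Set-Cookie header values for three situations.
SAMPLE_DISABLED = ["cookiesession1=678B2877ABCDEF; Path=/; HttpOnly"]
SAMPLE_LAX = ["cookiesession1=678B2877ABCDEF; Path=/; HttpOnly; SameSite=Lax"]
SAMPLE_NONE = ["lang=en; Path=/", "cookiesession1=678B2877ABCDEF; Path=/; SameSite=None"]

if __name__ == "__main__":
    for sample in (SAMPLE_DISABLED, SAMPLE_LAX, SAMPLE_NONE):
        print(check_samesite(sample, expected="lax"))
```

Pass the function the Set-Cookie header values collected from a response served through the policy, with expected set to the configured internal-cookie-samesite-value.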
