K
K
KGZVER2020-12-08 13:58:47
Google
KGZVER, 2020-12-08 13:58:47

What is chrome complaining about?

I connected Google analytics and Yandex metrics to my project.

<head>
    <!-- Yandex.Metrika counter -->
    <script type="text/javascript" >
      (function(m,e,t,r,i,k,a){m[i]=m[i]||function(){(m[i].a=m[i].a||[]).push(arguments)};
      m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],k.async=1,k.src=r,a.parentNode.insertBefore(k,a)})
      (window, document, "script", "https://mc.yandex.ru/metrika/tag.js", "ym");

      ym(70229311, "init", {
            clickmap:true,
            trackLinks:true,
            accurateTrackBounce:true
      });
    </script>
    <noscript><div><img src="https://mc.yandex.ru/watch/70229311" style="position:absolute; left:-9999px;" alt="" /></div></noscript>
    <!-- /Yandex.Metrika counter -->

    <!-- Global site tag (gtag.js) - Google Analytics -->
    <script async src="https://www.googletagmanager.com/gtag/js?id=G-RRKBQTTB7W"></script>
    <script>
      window.dataLayer = window.dataLayer || [];
      function gtag(){dataLayer.push(arguments);}
      gtag('js', new Date());

      gtag('config', 'G-RRKBQTTB7W');
    </script>
    
    <meta charset="utf-8" />
    <link rel="icon" href="%PUBLIC_URL%/icon.svg" />
    <meta name="viewport" content="width=device-width, initial-scale=1" />
    <meta name="theme-color" content="#000000" />
    <meta
      name="description"
      content="Web site created using create-react-app"
    />
    <link rel="apple-touch-icon" href="%PUBLIC_URL%/icon.svg" />
    <link rel="manifest" href="%PUBLIC_URL%/manifest.json" />
    <title>App</title>
  </head>


After that, a note appeared in Chrome
Indicate whether to send a cookie in a cross-site request by specifying its SameSite
attribute This behavior protects user data from accidentally leaking to third parties and cross-site request forgery.

Resolve this issue by updating the attributes of the cookie:
Specify SameSite=None and Secure if the cookie should be sent in cross-site requests. This enables third-party use.
Specify SameSite=Strict or SameSite=Lax if the cookie should not be sent in cross-site requests


As I understand it, you need to change the SameSite=Lax value to SameSite=none. But where and how I can't figure it out.

Answer the question

In order to leave comments, you need to log in

1 answer(s)
A
Alex, 2020-12-08
@Kozack

Your server should return a SameSite http header with the value you want to allow other sites to track your visitor behavior.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question