Hello, our site provides a widget that other sites embed (like YouTube’s embed). User log in to it so we have cross-site cookies. Everything works great, but recently Chrome has been adding this warning in the console:
“A cookie associated with a cross-site resource at
http://ourdomain.com/ was set without the
SameSite attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with
All of our cookies are set correctly, however there is a remaining cookie called “__cfduid” and that seems to be put by Cloudflare, which causes this warning to persist.
We are concerned that our service might stop working completely, when Google decides to enforce this policy just because of this remaining cookie.
What shall we do?