My Oracle Support Banner

SameSite Not Being Set On "visitroute" and "EETrViID" cookies (Doc ID 2971099.1)

Last updated on SEPTEMBER 12, 2023

Applies to:

Oracle Commerce Cloud Service - Version 23.05 and later
Information in this document applies to any platform.

Symptoms

Using Lighthouse to generate reports site metrics like performance, SEO and others. The goal is to have at least 90 points out of 100 for all categories. Currently the "Best Practices" category is at 75 points out of 100.

 

According to Lighthouse, a cookie can be sent (or not) in a CORS request based on its "SameSite" attribute. For a cookie to being sent on a CORS request, its "SameSite" prop should be defined as "None", and also have the "Secure" attribute set. If the cookie is not supposed to be sent in CORS requests, its "SameSite" prop should be defined as "Strict" or "Lax". The problem is that neither the"visitroute" nor "EETrViID" cookies have their SameSite set to a value. Instead SameSite is set to a blank value for both the visitroute -AND- EETrViID cookies.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.