DEV Community

loading...

Fix Chrome80 SameSite Issue

niharikapujari profile image Niharika Pujari ・1 min read

Problem Statement

Chrome released a new version in January 2020 (v80), it is available now for everyone to consume. Chrome 80 will begin enforcing a new secure-by-default cookie classification system, treating cookies that have no declared SameSite value as SameSite=Lax cookies. Only cookies set as SameSite=None; Secure will be available in third-party contexts, provided they are being accessed from secure connections. Angular apps won't be able to run locally throwing SameSite error in console.

SSL to the rescue

What is SSL?

Secure Sockets Layer (SSL) was the most widely deployed cryptographic protocol to provide security over internet communications. SSL provides a secure channel between two machines or devices operating over the internet or an internal network. One common example is when SSL is used to secure communication between a web browser and a web server. This turns a website's address from HTTP to HTTPS, the ‘S’ standing for ‘secure’.

Fine, how do I fix my local issue?

Add --ssl to your start script in package.json, Angular would generate an ssl certificate for you in the background. You need to run Angular CLI over HTTPS instead of HTTP

ng-start-script

Now, run npm run start to launch your app locally and serve it would serve it over HTTPS. Voila!

References:

Discussion (0)

pic
Editor guide