Can someone send me a screenshot of a successful login request that sets an http only cookie? Right now I'm receiving the cookie but it won't get set in the browser and I'm a bit stuck. 👀
I just found out that for cross-site requests the cookie needs to be set "secure": "true" and "same-site": "none". That solved my issue. Would be good to have this option within the payload config to avoid patching the dependency. 🙌
these two options are indeed configurable in the payload config already 👍
check out the
cookies
option
you can set
sameSite
as well as
secure
right in the config, based on ENV vars or whatever you need 👍
Haha, oh no! Guess I was blind 😅
I wanted to follow up on this real quick, because I've wasted countless hours on those cookie issues during my years in web dev.
^^^^ 100%
Star
Discord
online
Get dedicated engineering support directly from the Payload team.