{"library":"should-send-same-site-none","title":"SameSite=None Cookie Compatibility Utility","description":"This package provides a utility function (`isSameSiteNoneCompatible`) and an Express.js middleware (`shouldSendSameSiteNone`) to address specific browser compatibility issues with the `SameSite=None; Secure` cookie attribute. Introduced around Chrome 80 in February 2020, the `SameSite=None; Secure` setting is required for cross-site cookies, but some older browsers (notably Chrome 51-66, certain Safari versions, and UC Browser) handle this attribute incorrectly, potentially leading to cookies being rejected or mismanaged. This library detects these incompatible user agents based on a known list from Chromium, allowing developers to dynamically adjust cookie settings to ensure functionality across a broader range of clients. The current stable version is 2.0.5, with recent updates focused on bug fixes and improved TypeScript declarations. It offers a crucial compatibility layer for web applications relying on cross-site cookie functionality, saving developers from maintaining an exhaustive list of incompatible clients themselves.","language":"javascript","status":"active","last_verified":"Sun Apr 19","install":{"commands":["npm install should-send-same-site-none"],"cli":null},"imports":["import { isSameSiteNoneCompatible } from 'should-send-same-site-none';","import { shouldSendSameSiteNone } from 'should-send-same-site-none';","import * as SameSiteNone from 'should-send-same-site-none';"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import express from 'express';\nimport { shouldSendSameSiteNone } from 'should-send-same-site-none';\n\nconst app = express();\nconst PORT = process.env.PORT ?? '3000';\n\n// Apply the middleware globally before defining routes.\n// This middleware will automatically remove SameSite=None from 'Set-Cookie' headers\n// if the requesting client is known to be incompatible.\napp.use(shouldSendSameSiteNone);\n\napp.get('/', (req, res) => {\n  // When setting cross-site cookies, always set SameSite='None' and Secure=true.\n  // The middleware will handle exceptions for incompatible browsers.\n  res.cookie('session_id', 'somevalue123', { sameSite: 'none', secure: true, httpOnly: true });\n  res.send('Hello World! Cookie set with SameSite=None; Secure (if compatible).');\n});\n\napp.listen(Number(PORT), () => {\n  console.log(`Server listening on port ${PORT}`);\n  console.log('Try visiting with an older Chrome browser (e.g., Chrome 51-66) to see the SameSite=None attribute removed.');\n});","lang":"typescript","description":"Demonstrates setting up the Express middleware to automatically manage `SameSite=None` cookie attributes for incompatible user agents, ensuring cross-site cookie functionality while adhering to modern browser security policies.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}