Skip to content

Add trackEmbedded config option for cross-origin iframe cookie support#1071

Open
alazarchuk wants to merge 1 commit intomicrosoft:masterfrom
alazarchuk:feature/track-embedded
Open

Add trackEmbedded config option for cross-origin iframe cookie support#1071
alazarchuk wants to merge 1 commit intomicrosoft:masterfrom
alazarchuk:feature/track-embedded

Conversation

@alazarchuk
Copy link
Copy Markdown

@alazarchuk alazarchuk commented Apr 7, 2026
edited
Loading

Summary

  • Adds trackEmbedded boolean config option (default: false) to enable session tracking in cross-origin iframe contexts
  • When true, cookies are written with SameSite=None; Secure attributes, which browsers require for cross-origin cookie access
  • Adds Playwright tests verifying cookie attributes are present/absent based on the config value

Test plan

  • trackEmbedded=false (default): verify no SameSite=None or Secure attributes on cookie assignments
  • trackEmbedded=true: verify all cookie assignments include both SameSite=None and Secure
  • All 29 existing tests continue to pass

🤖 Generated with Claude Code

@alazarchuk @claude
Add trackEmbedded config option for cross-origin iframe cookie support
fefbf3d 
When trackEmbedded is true, cookies are written with SameSite=None; Secure
to enable session tracking in embedded cross-origin iframe contexts.

Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
@alazarchuk
Copy link
Copy Markdown
Author

alazarchuk commented Apr 14, 2026

@microsoft-github-policy-service agree

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@alazarchuk