WPO365 | SAMESITE

Plugin for WordPress websites that require a user to sign in (e.g. with Microsoft using the WPO365 plugin) and that are loaded inside an iframe (e.g. inside a Microsoft Teams App / Tab or similar). The plugin overrides the pluggable WordPress function wp_set_auth_cookie to always set SameSite=None to enable third-party usage of cookies.

Prerequisites

• The SameSite=None flag is only respected by browsers such as Chrome when the cookie’s Secure flag is set. Therefore the website must use SSL for the plugin to effectively enable browser support for 3rd party cookies.

Support

I will go to great length trying to support you if the plugin doesn’t work as expected. Go to our Support Page to get in touch. I haven’t been able to test our plugin in all endless possible WordPress configurations and versions so I am keen to hear from you and happy to learn!

Feedback

I am keen to hear from you so share your feedback with me on Twitter and help me get better!

Open Source

When you’re a developer and interested in the code you should have a look at the corresponding gist at github.