Don’t be Lax about your SameSite cookies

We have a customer who is using Sitecore and the SagePay Pi service to take credit card payments. They were using a multi-page Sitecore Forms form, and weirdly their confirmation emails couldn’t use field values from the first pages of the form. Eventually, we found that the problem was due to the the user’s session being lost, but only if the user was using 3D-secure, and a recent browser. Here’s why…

Continue reading “Don’t be Lax about your SameSite cookies”

Don’t be Lax about your SameSite cookies