Hi,
When we using Safari on MacOS with IPv6 we found that the XSRF-TOKEN can be set into the cookies. We have set-cookie in the authentication response headers 'Set-Cookie: XSRF-TOKEN=*******; SameSite=Strict; Secure'.
It works by using Safari with IPv4. And also works with Chrome/FireFox with IPv4/IPv6. And also worked with Safari 15.6.1 over IPv6.
May I know if this an issue or by design? Anyone aware of this?
Thanks.
xiaozhangseu
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution