Hi
I did some testing with Chrome in a VM. I downloaded a couple of older versions of Chrome (7.6 & 7.9) plus v8.1
When I was running 7.6 & 7.9 I could do what I needed to in OWA. As soon as I updated to 8.1 the invalid canary message appeared. I would think that now that Edge is based on the Chrome engine, this is why it will have the same problem.
I then found this page:
Part way down it states:
"Those who wish to disable the said SameSite flags can do so by adding –disable-features=SameSiteByDefaultCookies or –disable-features=CookieswithoutSameSitemustbesecure in the Target field of the Google Chrome or Microsoft Edge properties and restart the web browser."
I tried this and it does seem to work with both Chrome and Edge. This is workable for myself and other admins but not suitable for end users. They'd be as well sticking to I.E. so long as it keeps working.
Unfortunately it also states further down that page:
"However, this workaround will only work until the Google Chrome 94 update as the said command line flags will be removed after that."
I don't know if it means the flags setting won't take effect after this or it just means the setting would be removed from the command line. I think it's probably the former so this fix would no longer work.
We're not the only ones to have this issue so I wish Microsoft would come up with a proper solution.
I know I could probably log a call with MS but the cost is probably prohibitive - don't know how much support calls cost these days.
Thanks