Site Mode Enum
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Specifies constants that indicate the value for the SameSite attribute of the cookie.
public enum class SameSiteMode
public enum SameSiteMode
type SameSiteMode =
Public Enum SameSiteMode
The cookie will be sent with "same-site" requests, and with "cross-site" top level navigation.
The cookie will be sent with all requests (see remarks).
When the value is Strict the cookie will only be sent along with "same-site" requests.
The behavior of None was modified by updates described in KB article 4531182 and KB article 4524421.
Without these updates, the None value does not emit the
SameSite cookie header. This conforms to https://tools.ietf.org/html/draft-west-first-party-cookies-07#section-4.1.
After these updates have been applied, the None value emits the
SameSite=None cookie header. This new behavior conforms to https://tools.ietf.org/html/draft-west-cookie-incrementalism-00. As part of this change, FormsAuth and SessionState cookies will be issued with SameSite =
Lax instead of the previous default of
None, though these values can be overridden in web.config.
On systems where these updates have been applied, you can specify the previous behavior by setting the
(SameSiteMode)(-1). You can specify this behavior using the string
Unspecified in web.config.