Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us in NYC Sept 4th for Qlik's AI Reality Tour! Register Now

Qlik Sense: SameSite doesn't work with insecure sites (HTTP)

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sonja_Bauernfeind
Digital Support
Digital Support

Qlik Sense: SameSite doesn't work with insecure sites (HTTP)

Last Update:

Nov 4, 2020 10:12:51 AM

Updated By:

Sonja_Bauernfeind

Created date:

Nov 4, 2020 10:11:10 AM

In Qlik Sense, when enabling the SameSite attribute and HasSecure attributes for a non-secure site (http://), the browser still refuses to set up the cookie.

Environments:

  • Qlik Sense Enterprise for Windows November 2018 and later

 

For the SameSite attribute to work, it is a requirement to use a secure site (https://)
The only reason why there is the option to enable HasSecure and SameSite for HTTP in Qlik Sense is to facilitate the integration with a reverse proxy using SSL offloading.
In that use case, the connection between the end user and the reverse proxy will be HTTPS but the communication between the reverse proxy and Qlik Sense will be HTTP.
The connection will be seen as HTTPS in the end user's browser and the browser will allow the cookie to be set.

Read more about SSL offloading:
https://en.wikipedia.org/wiki/TLS_termination_proxy

Information about how to set up SameSite in Qlik Sense:
Missing SameSite attribute blocks requests in Chrome 80 and later - Too many sessions in parallel

Labels (1)
Labels:
1,290 Views
Was this article helpful? Yes No
Version history
Last update:
‎2020-11-04 10:12 AM
Updated by:
Digital Support