Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


If your company uses a proxy server for internet traffic please see proxy configuration. This is often the cause of the following error message:


Recent browser versions (especially Chrome v80+), by default, allow cookies to be sent only with top-level navigation and GET request initiated by third party websites. When you need to expose cookies to a third party site, such as using the SAML security manager or embedding in an iframe, you need to use https (Chrome only) and explicitly set the samesite attribute of the cookie to "none". frevvo v9.0.10+ includes a tomcat upgrade that allows configuring the cookie processor with this attribute. This documentation provides more information and details across browsers.


The sameSite value "none" is not supported prior to iOS 13 (macOS before version 10.15). Setting sameSite to "none" in tomcat may require iPhone/iPad to be upgraded.

For third party access, you must use https and update the provided tomcat/conf/context.xml CookieProcessor element to add the sameSiteCookies attribute.