Setting the SameSite attribute on cookies
Configure the Configuration.cookieSameSite cookie attribute to prevent cross-domain errors in your Cognos environment.
To prevent cross-site request forgery (CSRF) attacks, some browsers may return error messages if HTML files containing iFrames are hosted in a different domain than the report server. To avoid these errors, you can configure the Configuration.cookieSameSite advanced setting.
Before you begin
The following configuration must be in place:
- SSL is enabled
- XSRF protection must be enabled. For more information, see XSRF (Cross-Site Request Forgery).