Web browsers are starting to assume a default setting SAMESITE=lax for cookies they receive. This default setting causes issues when a Cognos report is embedded in a site with a different domain setting. We need to be able to configure this option like the Secure flag in the global configuration. Currently the only way to add this additional option is to edit the IIS configuration so it adds the SAMESITE=none to the cookies being served.
|Who would benefit from this IDEA?||All Cognos Administrators would benefit by having control of this part of the cookie without needing admin privileges on the server to configure it in IIS.|
How should it work?
In the Cognos Configuration, under Actions-Edit Global Configuration, the administrator can adjust the Cookie Settings for Domain, Path, Secure flag enabled? TRUE or FALSE. And additional options should be added called SAMESITE with the options of LAX,STRICT or NONE. This gives the administrator control of setting the cookie with out needing administrative access to IIS.
|Priority Justification||This will become a growing issue, for any organization that embeds their reports in other sites, as all the browsers start to enforce the SAMESITE cookie setting|
|Client Name||Commonwealth of Massachusetts|
|IBM's success depends on gathering feedback from customers like yourself. Aha Ideas Portal is the third party tool through which IBM Offering Managers gather feedback from customers such as yourself.|
|IBM is a global organization with business processes, management structures, technical systems and service provider networks that cross borders. As such, the information collected through Aha Ideas Portal (Customer Name, Customer Email Address) will be stored by them in the United States, and handled only as per IBM's instructions and policies. Your data (Name and Email Address) will NOT be shared with other IBM customers.|
|In order to safeguard your information in Aha, do not leave your workstation unattended while using this application, log off after using it, and print only if necessary. If you need to make a hardcopy, remember to pick up the print-out immediately, keep it under lock, and destroy it immediately when no longer needed.|
|NOTICE TO EU RESIDENTS: per EU Data Protection Policy, if you wish to remove your personal information from the IBM ideas portal, please login to the ideas portal using your previously registered information then change your email to "firstname.lastname@example.org" and first name to "anonymous" and last name to "anonymous". This will ensure that IBM will not send any emails to you about all idea submissions|