SOLVED

'Cookie “_mkto_trk” will be soon rejected...'

Go to solution
NestoJosa
Level 3

'Cookie “_mkto_trk” will be soon rejected...'

Hello again!

 

I'm seeing a log on a page we are tracking where it says that the marketo tracking cookie will soon be rejected because the 'SameSite' attribute is set to none or an invalid value.

 

The complete log

 

'Cookie “_mkto_trk” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the secure attribute set to "None". To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite' - Firefox Developer Edition / Console Log

 

In the MDN Web docs article (mentioned above) it says that:

 

"Cookies with SameSite=None must now also specify the Secure attribute (they require a secure context/HTTPS)."

 

If I understand it correctly (please correct me if I'm wrong), you need to make sure that the page is on a secure protocol so that you can set the SameSite and Secure attribute of the cookie, in order to fix the log.

 

But in the setup we are also using landing pages that are not on a secure protocol. In other words the landing pages are served over http. So we can't use the suggestion specified in the article.

 

Questions

 

- Is the log something that we need to worry about?

- If yes, are there some additional changes we need to do in Marketo in order to fix this?

 

Any information would be highly appreciated!

 

Best,

ernie

1 ACCEPTED SOLUTION

Accepted Solutions
SanfordWhiteman
Level 10 - Community Moderator

Re: 'Cookie “_mkto_trk” will be soon rejected...'


If I understand it correctly (please correct me if I'm wrong), you need to make sure that the page is on a secure protocol so that you can set the SameSite and Secure attribute of the cookie, in order to fix the log.

That’s correct. It’s not possible to set a SameSite=None cookie — that is, a cookie that behaves the way cookies used to before the SamSite standard was developed — on an insecure page (because the Secure attribute only has meaning on secure pages). Nor is it possible to use such a cookie on an insecure page, even if set on a secure page.

View solution in original post

1 REPLY 1
SanfordWhiteman
Level 10 - Community Moderator

Re: 'Cookie “_mkto_trk” will be soon rejected...'


If I understand it correctly (please correct me if I'm wrong), you need to make sure that the page is on a secure protocol so that you can set the SameSite and Secure attribute of the cookie, in order to fix the log.

That’s correct. It’s not possible to set a SameSite=None cookie — that is, a cookie that behaves the way cookies used to before the SamSite standard was developed — on an insecure page (because the Secure attribute only has meaning on secure pages). Nor is it possible to use such a cookie on an insecure page, even if set on a secure page.