Update SameSite cookie notes (#322)

Add notes for blocking cookies when SESSION_COOKIE_SECURE is not set
IdentityPython · Jan 30, 2022 · 5f956aa · 5f956aa
1 parent 8bd4bf8
commit 5f956aa
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/docs/source/contents/setup.rst b/docs/source/contents/setup.rst
@@ -63,7 +63,7 @@ You can even configure the SAML cookie name as follows::
   SAML_SESSION_COOKIE_NAME = 'saml_session'
 
 Remember that in your browser "SameSite=None" attribute MUST also
-have the "Secure" attribute, which is required in order to use "SameSite=None"::
+have the "Secure" attribute, which is required in order to use "SameSite=None", otherwise the cookie will be blocked, so you must also set::
 
   SESSION_COOKIE_SECURE = True