Release v11.32.1 · auth0/lock

This release includes [email protected], which by default stores additional cookies for backward compatibility when using the SameSite attribute, for those older browsers that do not understand SameSite=None. As well as creating the normal transaction cookies with Secure=true and SameSite=none, it also stores a _x_compat cookie (where x is the name of the original cookie) which only sets Secure=true.

If the generation of these extra cookies is undesirable or unnecessary for your use case, you can turn them back off by setting legacySameSiteCookie: false in the SDK configuration.

Changed

Update auth0-js and support legacySameSiteCookie option #2089 (stevehobbsdev)

Security

Bump log4js from 6.3.0 to 6.4.0 #2087 (dependabot[bot])
Security upgrade node-fetch to 2.6.7 #2085 (evansims)
[Snyk] Upgrade prop-types from 15.7.2 to 15.8.0 #2083 (snyk-bot)
Bump engine.io from 4.1.1 to 4.1.2 #2082 (dependabot[bot])
Bump follow-redirects from 1.14.4 to 1.14.7 #2081 (dependabot[bot])

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v11.32.1