RebelMouse Talk to Us
SameSite Cookies: What You Need to Know

Browsers implement a new cookie attribute to preserve user privacy

In 2020, consumer privacy is a top priority for every publisher, and that includes many changes to how cookies are used all over the web. Among these new standards is the release of a new attribute called SameSite cookies, which will be implemented across most browsers, including Google Chrome, Firefox, and Microsoft Edge.


Released by Google, SameSite cookies will control whether or not a cookie is sent with requests. Here's a good explanation of what this means from web.dev:

Each cookie is a key=value pair along with a number of attributes that control when and where that cookie is used. You've probably already used these attributes to set things like expiration dates or indicating the cookie should only be sent over HTTPS. Servers set cookies by sending the aptly named Set-Cookie header in their response.

The cadence for the cookie looks like this:

SameSite=[None|Lax|Strict]

Here's an example of how SameSite cookies are used, also from web.dev:

Say you have a blog where you want to display a "What's new" promo to your users. Users can dismiss the promo and then they won't see it again for a while. You can store that preference in a cookie, set it to expire in a month (2,600,000 seconds), and only send it over HTTPS. That header would look like this:
Set-Cookie: promo_shown=1; Max-Age=2600000; Secure

The new attribute will impact ad providers, tracking systems, and anybody who uses third- party cookies. There are three instances where the use of SameSite cookies is particularly important:

Ad Providers and Tracking Systems: If you're running ads on your site, you will need to confirm with your ad providers that they're ready for the SameSite cookie update. Most large ad networks will likely already have it implemented.

Your Custom Code: If you want others to have access to any cookie you set from your own JavaScript code, then make sure you add SameSite=None and Secure attributes to it. Click here for more information.

RebelMouse Cookies: We've already implemented this update across our platform. All the cookies on the RebelCMS, with the exception of the authorization cookie, are set to SameSite=None.

If you have any questions about the SameSite cookie update, email support@rebelmouse.com or talk to your account manager today.

What Is RebelMouse?
Request a Proposal
The Most Secure CMS of 2022
Featured

The Most Secure CMS of 2022

Why RebelMouse Is the Most Secure CMS on the Web

Delivering a secure, high-performing environment with extreme reliability is essential to all of our clients at RebelMouse. We only use industry-leading, reliable approaches to host our infrastructure. This ensures maximum stability and security for all of our clients’ data. Here are just some of the reasons we’re able to maintain a hard-bodied product that’s flexible, too.

Keep reading... Show less
Google Made Major Changes to Its Formula for Page Speed. Here’s What to Do About It in 2022.
Rebel Insights

Google Made Major Changes to Its Formula for Page Speed. Here’s What to Do About It in 2022.

Make sure your site is set up for success in 2022.

In the spring of 2020, Google let the world know that its Core Web Vitals would become the new benchmark for measuring a site's performance in its search results, known as the page experience update. Fast forward to more than a year later in August 2021 when, after much anticipation, Google's page experience update became official.

Since its rollout, developers have felt the impact of how their publishing platforms stack up against the new standard. Important decisions around the architecture of your site can now make or break your site's performance in the eyes of Google.

HTTP Archive, a tracking platform that crawls the web to identify trends and record historical patterns, has revealed how top content management systems (CMS) have weathered the page experience update through the creation of its Core Web Vitals Technology Report. RebelMouse consistently outperforms major CMS platforms on Google's most critical metrics since its rollout and into 2022:

Getting superior scores on Google's performance benchmarks isn't easy, either. The Ahrefs blog analyzed Core Web Vitals data from the Chrome User Experience Report (CrUX), which is data from actual Chrome users, to see how the web stacks up against Core Web Vitals. Their study found that only 33% of sites on the web are passing Core Web Vitals.

data from Ahrefs tracked on a line chart finds that shows only 33% of sites on the web pass Google's Core Web Vitals From Ahrefs.

Luckily, performing well on Core Web Vitals is possible with thoughtful, strategic changes to your site’s codebase. Here's what you need to know and how we can help.

Keep reading... Show less
Interested in a Free Website Health Check?Check Your
Website's Health
Get Your Free Analysis Now