EZproxy Cookies

Symptom

• What Cookies Does EZproxy Set in the Browser?

Applies to

• EZproxy

Resolution

EZproxy will set the following Cookies in the user's browser when EZproxy makes a connection to a resource.

1. ezproxyN - set using SameSite=None; Secure; HttpOnly which should support scenarios in which EZproxy appears inside a third-party frame such as a discovery product, learning management system, or content management system AND the content provider being proxied uses https.
2. ezproxyL - set using SameSite=Lax; HttpOnly which should support scenarios in which EZproxy is not framed for both http and https.
3. ezproxy -  set using the original, classic method in which no SameSite, Secure, or HttpOnly options are included. This should cover all old browsers, including old versions of Chrome.

Each of these cookies will store the same information about the user's session but have different directives.

SameSite:   SameSite could be specified when setting a cookie as a way to narrow when the cookie should be  visible in third-party contexts by specifying a cookie as SameSite=LAX or SameSite=Strict

LoginCookieSameSite:  The new directive LoginCookieSameSite can be used to alter which of these cookies are set. This directive takes options Classic, Lax, and/or None and can be specified like:

LoginCookieSameSite Classic - EZproxy will only send the classic cookie in the classic way

LoginCookieSameSite Lax None - EZproxy will send the cookie using the None and Lax methods described above.

Page ID