The current implementation of the logout process for Outlook Web neglects to set the SameSite option to None when expiring Outlook’s cookies during a single logout which results in an implicit value of Lax. When operating behind Azure AD, this means that the iframe’d logout requests will fail to log out Outlook Web in Chrome and Edge. This feature request is to simply, explicitly set SameSite to None which should fix the issue in Chrome and Edge.
No CommentsBe the first to comment
