Field Notice: FN - 70510 - Chrome Version 80 Update for SameSite Cookie Causes ECE Gadget and Dock Chat to Malfunction - Software Upgrade Recommended
Available Languages
Notice
THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision History
| Revision | Publish Date | Comments |
|---|---|---|
1.0 |
04-Feb-20 |
Initial Release |
1.1 |
10-Feb-20 |
Updated the Products Affected, Problem Symptom, and Workaround/Solution Sections |
Products Affected
| Affected OS Type | Affected Software Product | Affected Release | Affected Release Number | Comments |
|---|---|---|---|---|
NON-IOS |
Enterprise Chat and Email |
11 |
11.5(1), 11.6(1) |
Release 11.5(1) and 11.6(1) customers are advised to upgrade to Release 11.6(1) ES8 in order to apply the ET |
NON-IOS |
Enterprise Chat and Email |
12 |
12.0(1) |
Update to ECE 12.0 ES3 in order to apply the ET |
NON-IOS |
Enterprise Chat and Email |
12 |
12.5(1) |
Apply ET1 |
Defect Information
| Defect ID | Headline |
|---|---|
| CSCvs83450 | Explicitly assert the "SameSite" cookie attribute in ECE application |
Problem Description
The Enterprise Chat and Email (ECE) gadget and dock chat malfunction after you apply the Chrome Version 80 update for SameSite cookie.
Background
Currently the Chrome SameSite cookie default is "None", which allows third-party cookies to track users across sites. However, from February 2020, cookies will default into "SameSite=Lax", which means cookies are only set when the domain in the URL of the browser matches the domain of the cookie - a first-party cookie. Any cookie with the "SameSite=None" label must also have a secure flag, therefore it will only be created and sent through requests made over HTTPs.
Problem Symptom
The agent will not be able to log in to the ECE gadget inside Finesse on ECE Releases 11.5(1), 11.6(1), 12.0(1), and 12.5(1).
Behavior on the Agent Side
When an agent tries to log in to the ECE gadget inside Finesse, the agent will be logged out immediately. When the agent tries to log in again, this message is displayed:
You have at least one session that is already in progress. Would you like to end the existing sessions and begin new session?
When you click Continue, the agent will still not be able to log in to the application as shown in these screenshots:
Network traces from the agent console in Chrome for this issue are shown here.
Behavior on the Customer Side
The dock chat customer is not able to refresh, navigate, or pop out a dock template for cross domain if SameSite is enabled. Sample screenshots are shown here:
Customer dock chat website with docked chat icon.
Customer initiates the chat.
On refresh, the docked chat window disappeared.
If the customer undocks a dock chat, the chat window does not load.
The agent will not be able to log in to the ECE gadget inside Finesse on ECE Releases 11.5(1), 11.6(1), 12.0(1), and 12.5(1).
Workaround/Solution
Do not update Chrome. Apply the given Engineering Test (ET) on the latest Engineering Special (ES) of the respective ECE releases.
- Release 11.6 - Release 11.5(1) and 11.6(1) customers are advised to upgrade to Release 11.6(1) ES8 in order to apply the ET2
- Release 12.0 - Update to ECE 12.0(1) ES3 in order to apply the ET1
- Release 12.5 - Apply the ET1
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
My Notifications—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.
FeedbackContact Cisco
- Open a Support Case
- (Requires a Cisco Service Contract)