Chromes change to the same-site values in cookies

With google rolling out the new chrome version and the changes on how cookies with no same-site value are treated this means every pimcore developer needs to fix their projects if you use 3rd party software for authentication, payments and so on.

(More on the topic: https://auth0.com/blog/browser-behavior-changes-what-developers-need-to-know/)

The currently agreed solution which works 100% is to define each session cookie 2 times, once with same-site=none; secure and once without a same site attribute.
The session handler needs no take this into account and use whichever cookie present.

My questions for the pimcore developers/community are the following:

  • From which release on will the pimcore core implement these changes?
  • Are there any plans to release hotfixes for older pimcore versions that don’t use symfony?