Our app operates within an iframe of another application. We can’t change this.
Our app can “pop-out” however after the user logs into the other web app. To date, it has been able to use the same cookie created inside the iframe when it popouts using target=‘_blank’. However, that appears to be breaking in some browsers now and soon will break in Chrome based on what I’m reading.
This appears to be related:
https://medium.com/miro-engineering/the-end-of-third-party-cookies-and-its-impact-on-miro-apps-and-integrations-ee73358cda1e
What do we need to do to fully support our Yii2 app operating both within iframes and being “popped-out” in browsers once all of these changes are rolled out in the browser?
The core need of course is being able to use the Yii2 auth system which relies on cookies (and has worked great so far).