Skip to main content
ExLibris

Knowledge Assistant

BETA
 
  • Subscribe by RSS
    • Back
    Cross-Product

     

    Ex Libris Knowledge Center
    1. Search site
      Go back to previous article
      2. Sign in
        • Sign in
        • Forgot password
    1. Home
    2. Cross-Product
    3. Security
    4. Statements
    5. Policy Previous Versions
    6. Security Advisory– Google Chrome Browser version 80 Updates and Ex Libris products and services

    Security Advisory– Google Chrome Browser version 80 Updates and Ex Libris products and services

    1. Last updated
    2. Save as PDF
    3. Share
      1. Share
      2. Tweet
      3. Share
    1. Subject: Google Chrome Browser version 80 Updates and Ex Libris products and services - January 22, 2020
      1. Overview
      2. Reference
      3. Impact
      4. Affected Systems
      5. Tests and Certifications
      6. Actions Taken for Hosted Systems
      7. Required Configurations for On-Premise/Local Systems

    Subject: Google Chrome Browser version 80 Updates and Ex Libris products and services - January 22, 2020

    Overview

    On February 4, 2020 Google will roll out a new version of Google Chrome (80) that will implement a secure-by-default model for cookies using the SameSite attribute, enabled by a new cookie classification system.

    The SameSite attribute protects users from cross-site request forgery, where innocent end user is tricked by an attacker into submitting a web request that they did not intend.

    Google Chrome (80) new default cookie attribute will be set to SameSite="Lax". Previously, the SameSite cookie attribute defaulted to SameSite="None".

    As of February 2020, only cookies with the SameSite set to "None" and tagged as Secure will be able to send cross-sites and will require encrypted HTTPS connection access.

    Reference

    • https://blog.chromium.org/2019/10/developers-get-ready-for-new.html

    • https://www.theregister.co.uk/AMP/2019/10/24/google_chrome_tightens_cookie_security/

    • https://adexchanger.com/privacy/google-will-limit-cross-site-tracking-in-chrome-by-default-starting-in-february/

    Impact

    High

    Affected Systems

    Although the change was intended to discourage malicious cookie tracking, it has the potential to affect Ex Libris products and services that leverage application cookies within the same web page that have a different domain than the one being used by Ex Libris.

    Examples where the change in Chrome cookie handling may have an impact:

    • SSO (e.g. SAML)

    • Primo using non Ex Libris domain and Alma View-It/Get-It embedded web pages (not including Primo VE)

    • Custom integrations relying on non-secure (HTTP) protocol or cookie, that might be impacted in Google Chrome

    • Use of embedding of external links ('Iframe') in web pages

    • Embedding Leganto in the learning management system’s course page

    Tests and Certifications

    Ex Libris is analyzing and testing the specific potential impact that this change in cookie handling is going have on all Ex Libris products.

    Actions Taken for Hosted Systems

    Our plan is to solve any possible issues as part of our cloud platform.

    Required Configurations for On-Premise/Local Systems

    For non-platform products, we will provide  instructions regarding the procedures you need to perform on your local installations.

    More details will be provided in the next days.

    View article in the Exlibris Knowledge Center
    1. Back to top
      • Ex Libris Security Patches and Vulnerability Assessments Policy v2.3
      • Security Advisory – Google Chrome Browser version 80 Updates and Ex Libris products and services - January 30, 2020
    • Was this article helpful?

    Recommended articles

    1. Article type
      Topic
      Content Type
      Documentation
      Language
      English
      Product
      Cross-Product
    2. Tags
      This page has no tags.
    1. © Copyright 2025 Ex Libris Knowledge Center
    2. Powered by CXone Expert ®
    • Term of Use
    • Privacy Policy
    • Contact Us
    2025 Ex Libris. All rights reserved