Cookie “_ga” will be soon rejected because it has the “SameSite” attribute set to “None”

Question

I have added Google Tag manager to my react project, with the help of react-gtm-module

After successfully adding it, I see some warning in consoles which are below like -

Cookie “_ga” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the “secure” attribute.

Cookie “_gid” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the “secure” attribute.

Cookie “_gat_UA-xxxxxxxx” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the “secure” attribute.

I see that I have to use sameSite attribute to secure, but how do I implement this with the given library I am using?

Answer 1

This isn't an issue with react-gtm-module or it's configuration in your code, it's an issue within Google Tag Manager. Google Analytics tracking cookies provided by GTM don't have a valid SameSite attribute.

Note that those warnings only show in certain browsers (e.g. Firefox). As of Update 80, Google Chrome defaults any cookies without a correct SameSite value to to SameSite=Lax (which might result in them not working properly).

Ideally, the Google Tag Manager team would update their code to automatically set the SameSite attributes for cookies. However, you can set this yourself:

1. In Google Tag Manager, go to Variables

2. Find your GA Tracking ID variable, and click to edit

3. Under More Settings -> Fields to set

   • Add the Field Name cookieFlags
   • Set the Value to samesite=none;secure

   

4. Save and publish a new version of your GTM configuration.

If done correctly this should resolve the browser warnings you are seeing.