FAQ for Google Chrome Update on SameSite Cookie Default - February 17, 2020
Which user populations are not affected?
Users who are on any browser that is not Google Chrome.
Users who are on Google Chrome on a version lower than build 80.
Users who are on Google Chrome build 80 or higher but have disabled the new SameSite cookie default settings.
Who will be making technical changes to punchout sites to patch this issue?
BuyerQuest will be deploying a patch to its own site that allows ERP clients to punch out to BuyerQuest and allow punchout out from BuyerQuest to supplier punchout sites. We will send out a notice to clients once those changes are up and running. Suppliers with punchout sites likely will also need to patch their sites, especially if their sites incorporate iframes.
A supplier punchout site isn’t rendering correctly or is not transferring data back and forth correctly. What should I do?
Ask your supplier to look into the Google Chrome Samesite changes. Please reference https://www.chromium.org/updates/same-site.
My suppliers have patched their punchout sites. Who should be testing these changes?
Once build 80 is released to your end users, your customer administrators should test each punchout to make sure it is working properly. If your suppliers have not yet patched their sites and use iframes, you can optionally create a Zendesk ticket to have BuyerQuest manually turn off iframes for that supplier punchout site. This could temporarily help relieve the issue, but may cause user confusion when they do not see the supplier site open as an iFrame within the BuyerQuest site.
The IT department at my company automatically incorporates Google Chrome updates and will be upgrading to Build 80 soon. Why is BuyerQuest asking me to stay on an older version?
Staying on an older version of any browser is not recommended but could temporarily enable you to keep using punchout sites correctly until your suppliers have updated their sites to take into account changes that Google is rolling out in their Chrome browser. It is not a long-term viable solution and also may not be an option if automatic upgrades are regulated by an overarching enterprise IT department.