Khoros Atlas Logo

Khoros Community Blog

Khoros Staff
Khoros Staff

There are some changes coming to the Khoros Communities release and upgrade cadence.  Read on for more details.

ico_serv_laun_0.png

 

Read more...

Read more
Labels (1)
  • Product Updates

15 1 249
Khoros Oracle
Khoros Oracle

On 4 February, Google is rolling out a new security update that will change how 3rd party cookies are handled in the Chrome browser.  Other browsers are more than likely to also follow suit.

You can find more information about this at the following resources:

https://www.chromestatus.com/feature/5088147346030592

https://blog.chromium.org/2019/10/developers-get-ready-for-new.html

https://web.dev/samesite-cookies-explained/

 

What does this mean for Khoros customers?

We are currently evaluating and testing any scenarios that could typically be affected by this change, particularly around SSO/authentication.  If you are a Khoros Community customer and have any questions or concerns, we have created a thread for conversations to take place here.  We’ll continue to post our findings on this blog so please subscribe to this post to stay updated.

If you wish to carry out testing yourself, you can follow the instructions below (taken from SameSite Updates)

To test whether your sites may be affected by the SameSite changes:

 

  1. Go to chrome://flags and enable #same-site-by-default-cookies and #cookies-without-same-site-must-be-secure. Restart the browser for the changes to take effect.
  2. Test your sites, with a focus on anything involving federated login flows, multiple domains, or cross-site embedded content. Note that, because of the 2 minute time threshold for the "Lax+POST" intervention, for any flows involving POST requests, you may want to test with and without a long (> 2 minute) delay.
  3. If your site stops working:
    • Try turning off #cookies-without-same-site-must-be-secure. If this fixes the issue, you need to set `Secure` on any `SameSite=None` cookies your site may be relying upon. (This may require upgrading HTTP sites to HTTPS.)
    • Try turning off both flags. If this fixes the issue, you need to identify the cookies being accessed in a cross-site context and apply the attributes `SameSite=None` and `Secure` to them. See "SameSite cookies explained" for more information. If you are not the developer of the site, please reach out to the developer and/or vendor who authored the site.
    • For flows involving POST requests, if a short delay (< 2 minutes) works but a long delay (> 2 minutes) does not work, you will also need to add `SameSite=None` and `Secure` to the relevant cookies if the operation in question may take longer than 2 minutes. Note that the 2-minute window for "Lax+POST" is a temporary intervention and will be removed at some point in the future (some time after the Stable launch of Chrome 80), at which point cookies involved in these flows will require `SameSite=None` and `Secure` even if under 2 minutes.

 

Following the Chrome update, if you do encounter any unexpected behaviour please file a ticket as per the standard Support process.

 

Update: 4 February 2020

Salesforce have identified that some custom integrations may stop working as a result of the Chrome 80 changes.  This affects instances where our Salesforce connector is being used on the classic version of Salesforce.  We are dependent on a fix being provided by Salesforce, currently due to be deployed on 15 February.  Further details can be found on their help page.  Customers experiencing problems are advised to switch to a different browser as a workaround.

Read more
Labels (1)
  • Product Updates

2 0 316
Khoros Staff
Khoros Staff

Last week we hosted a webinar showcasing our latest Community technology innovations designed to help customers build more community, everywhere.

Read more...

Read more
Labels (2)
Tags (2)
2 0 465
Khoros Staff
Khoros Staff

Bringing people together as a community is what Khoros is all about. Over the past few years, we have built products that extend Community outside of our platform using our ActiveCast technology. Building off of that foundation, we’re excited to announce the first component in our next generation of Community Syndication, Q&A Syndication.

Read more...

Read more
Labels (1)
  • Product Updates

7 0 774
Khoros Staff
Khoros Staff

Editor v2 takes a big step forward in providing community users with a contemporary message editing experience. Read on to learn about all the message editor improvements.

Read more...

Read more
Labels (4)
18 19 5,033
Khoros Alumni (Retired) Khoros Alumni (Retired)
Khoros Alumni (Retired)
Labels (1)
  • Product Updates

22 5 1,993
Khoros Staff
Khoros Staff

Find out the enhancements made around Search Engine Optimisation (SEO) in 2018.

Read more...

Read more
Labels (1)
  • Product Updates

Tags (1)
15 3 2,105
Khoros Staff
Khoros Staff

Learn how you can use Promoted Search to boost specific content to the top of the search results list when users search for specific terms.

Read more...

Read more
Labels (3)
17 12 4,679
Khoros Staff
Khoros Staff

Lithium is moving all customer communities to full HTTPS encryption. Read on to learn more about the migration path. 

Read more...

Read more
Labels (3)
11 3 4,402
Khoros Staff
Khoros Staff

With Community release 18.1, we are announcing a deprecation path for referencing assets within Community skins using the asset FreeMarker context object get method. We will deprecate support of the asset FreeMarker context object in skins with Community release 18.8.

Read more...

Read more
Labels (2)
3 0 1,915
About Khoros Community Blog
Your hub for Khoros Community analytics, tips, product features, and customer success stories.