Seeing as google is going to be deprecating third party cookies in 2024, I want to ensure my site is using SameSite: strict. Right now, I have it set to SameSite: None (third party cookie). I have a static React Site front end hosted on: https://vikan-demo.onrender.com and a NodeJS backend hosted on https://vikan-server.onrender.com. My question is what is the best approach from going from a policy like this in my backend:
You can’t use onrender.com when setting SameSite to strict (even lax??) because it is on the public suffix list, so subdomains of onrender.com are not considered the same site.
To achieve what you want to do, you will need to purchase your own domain and use it with your front and backend services as a custom domain.
Thank you for your timely response. After searching around I came to the same exact solution. I already implemented it and it works. Consider this thread closed!