services.grafana.settings.security.cookie_samesite
Sets the SameSite cookie attribute and prevents the browser from sending this cookie along with cross-site requests.
The main goal is to mitigate the risk of cross-origin information leakage.
This setting also provides some protection against cross-site request forgery attacks (CSRF),
read more about SameSite here.
Using value disabled does not add any SameSite attribute to cookies.
- Type
one of "lax", "strict", "none", "disabled"- Default
"lax"- Declared
- <nixpkgs/nixos/modules/services/monitoring/grafana.nix>