Endless redirect loop when set servlet.session.cookie.same-site=none

Whenever i set the property servlet.session.cookie.same-site=none I cannot access my login page and the browser ends up in a redirect loop.

As soon as I remove that I can login normally.

As background I am trying to set that so I can use vaadin in an iframe without the Cookies Disabled error.

Hi Steve.

Which exact Vaadin version are you using? … I did a small test with the latest version (an application with login enabled created at start.vaadin.com) and just by adding the servlet.session.cookie.same-site=none property it works fine, no redirect loops.

Can you create an application on start.vaadin.com with security enabled and try it by yourself? … if it works maybe you could compare it with your application to see if you can spot a significant difference.

If you can reproduce the problem with a sample app, I can take a look.