For users running Chrome v80 and higher, Chrome is enforcing a secure-by-default cookie classification system, treating cookies that have no declared SameSite value as SameSite=Lax cookies. Only cookies set as SameSite=None;Secure will be available in third-party contexts, provided they are being accessed from secure connections. Do note that the SameSite field is not yet widely supported in older browsers, as well as Safari and Firefox. Rowan Merewood - Developer Advocate for Chrome at Google, has provided a more comprehensive explanation of this policy.
When will it be fixed by Magento?
The issue has been flagged with Magento already through a GitHub issue. We have been in touch with Magento, and they have no clear timelines yet as to when they have a release with a fix. Magento asked us to comment on the GitHub issue, to raise awareness within their organisation and prioritize accordingly. Therefore, if you are experiencing issues, please use the text below (or your own if you like), and comment in the GitHub issue.
To solve this issue the SESSION cookie should be set as `SameSite=None; Secure` so POST requests from outside of the Magento website domain can also be processed.
How to fix (or prepare) for it?
Unfortunately, Adyen cannot fix the issues for our Magento merchants. However, in the comments of the GitHub issue a temporary fix is mentioned by Veriteworks. We cannot help our merchants with this fix, so if you have questions about it, please reach out to Veriteworks through the temporary fix GitHub Repository.
If you prefer to build your own temporary fix for this, there is a comprehensive link with sequence diagrams for you to use. Note that your cookies have to be set with the correct fields so that the warnings/errors do not appear. If you are looking for guides on how to modify your cookies based on your current stack, examples have been provided on how to properly configure the cookies based on the stack that you are working with.
If you want to test your solution fully but are unable to see the warnings, you have to enable the experimental flags, which can be found on chrome://flags, and set all the functions named "SameSite" to "Enabled".
Unfortunately, Adyen cannot help you with this fix. If you have questions in regards to any of these above mentioned links, please reach out to the GitHub owner, or raise an issue on GitHub.
We hope that Magento can prioritize this issue as soon as possible.