Cookie settings in browsers for local development
Google Chrome has changed the default behavior of how cookies are sent in first and third party contexts. The new secure-by-default model assumes that all cookies must be protected from external access unless otherwise specified.
Google Chrome now treats cookies that have no value declared for the SameSite
attribute as SameSite=Lax cookies. As a result, they will be restricted to
first-party or same-site contexts, by default.
Only cookies with the SameSite=None; Secure setting have external access. Hence,
you must ensure that cookies that are intended for third-party or cross-site contexts must specify
SameSite=None; Secure.
If you are developing customizations locally (localhost:4500) the
omsEndPoint is set to http://<ip:port>/isf, which requires
cross site access. In such cases, it is mandatory to turn off cookies for the application to
work.