Hubspot Tracking CodeSOLVE
Oct 8, 2019 7:46 PM
Jan 29, 2020 10:34 PM
I have further checked on this with our product team and I'm able to confirm that the warning will not impact all HubSpot functionality. Any automatic browser handling for cookies without the flag set will force them into a LAX-ish state, which is slightly more permitting than LAX itself and acceptable for the functions HubSpot uses its cookies for.
Let me know if there's any more concerns on this. Happy to help address them.
Feb 4, 2020 10:29 PM
It’s important to note that HubSpot doesn’t use third party cookies to power the analytics user token we attach to contacts and that this change does not impact any functionality of HubSpot analytics tracking and the HubSpot analytics tracking code and cookies will continue to function correctly.
It is the case that external trackers that use third party cookies may have issues with the flag (e.g. if a website has the Facebook pixel on it), but we don’t have control over the cookies those scripts drop.
Aug 21, 2020 6:26 AM - edited Aug 21, 2020 6:27 AM
Just an update here!
I have checked in with our team and we'd first like to clarify that the cookies set by HubSpot analytics scripts do now have the SameSite flag set (and have since February). We would not expect users to be seeing that chrome warning specifically about the js.hs-analytics at this point.
The likely root cause here is that users are seeing warnings referring to either hubspot.com or app.hubspot.com related to HubSpot app cookies (such as login/auth cookies which a user would see on their own HubSpot website if they're logged into HubSpot in that same browser) or possibly cookies related to HubSpot API requests from assets they've embedded on their website.
Having said that, HubSpot analytics passes the values we need as query parameters on requests, so because our tracking doesn't expect the cookie to be present in the header this does not affect our tracking functionality.
Additionally, I'd also like to suggest for you to try loading your website incognito to confirm if you still see those HubSpot warnings or not. If you do not see them in incognito, this can helps confirm that they're related to being logged into HubSpot, and not related to the website itself.
Do let me know if there's any further concerns. I'd be happy to address them 🙂