htaccess conditional context usage, help~~

[ccyeh0901]

Hi~
I've upgraded LiteSpeed Web Server to v6.0 recently, and want to try the new feature (Apache 2.4 conditional context <If> <Ifelse> <Else> support.) to set SameSite header with Chrome browser only and use the following syntax but with no luck, anybody can help...
it always executes to this line "ForceSecureCookie none", which means <If> tag is not taking effect... wonder if I misused the <If> tag or not, hope someone shed the light for me, thanks~~~

<If "%{HTTP_USER_AGENT} !~ /(iPhone; CPU iPhone OS 1[0-2]|iPad; CPU OS 1[0-2]|iPod touch; CPU iPhone OS 1[0-2]|Macintosh; Intel Mac OS X.*Version\x2F1[0-2].*Safari|Macintosh;.*Mac OS X 10_14.* AppleWebKit.*Version\x2F1[0-3].*Safari)/i">
ForceSecureCookie httponly secure same_site_none
</If>
<Else>
ForceSecureCookie none
</Else>

 

[mistwang]

Unfortunately, it does not work, as `ForceSecureCookie` only applied at vhost level.

 

[ccyeh0901]

Thanks for the light..., wonder if there is other way to achieve that as Apache 2.4 Syntax works well like:
<If "%{HTTP_USER_AGENT} !~ /(iPhone; CPU iPhone OS 1[0-2]|iPad; CPU OS 1[0-2]|iPod touch; CPU iPhone OS 1[0-2]|Macintosh; Intel Mac OS X.*Version\x2F1[0-2].*Safari|Macintosh;.*Mac OS X 10_14.* AppleWebKit.*Version\x2F1[0-3].*Safari)/i">
Header always edit Set-Cookie (.*) "$1; SameSite=None; Secure"
</If>
How can I edit header like this?

 

[Pong]

LiteSpeed doesn't support "Header always edit"

 

[ccyeh0901]

But it supports "ForceSecureCookie httponly secure same_site_none",
why we can't put it in <If> <Else> tag ... Sorry as I'm new to web server setting...><