From 6ca7e53fbcc3fcd1b7034fd89b29d7b2d6b6a1d2 Mon Sep 17 00:00:00 2001 From: ludek-vlk Date: Tue, 22 Apr 2025 14:06:59 +0200 Subject: [PATCH 1/2] Update safe-links-about.md Adde behavior when SameSite=Strict cookies are required by the target page for authentication. --- defender-office-365/safe-links-about.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/defender-office-365/safe-links-about.md b/defender-office-365/safe-links-about.md index 41bc081536..8f480870e4 100644 --- a/defender-office-365/safe-links-about.md +++ b/defender-office-365/safe-links-about.md @@ -165,6 +165,8 @@ You turn on or turn off Safe Links protection for Microsoft Teams in Safe Links > When you turn on or turn off Safe Links protection for Teams, it might take up to 24 hours for the change to take effect. > > Safe Links protection for Teams is supported in Teams desktop and web instances. +> +> Websites opened from Teams might require re-authentication when SameSite=Strict cookies are required by the target page for authentication. This occurs because the intermediary page that performs Safe Links validation executes a redirect to the target page, which is treated as a cross-site request. The same applies to links opened from Teams for Web (with Safe Links disabled). URLs in Teams are checked against a list of known malicious links when the protected user clicks the link (time-of-click protection). URLs aren't rewritten. If a link is found to be malicious, users have the following experiences: From 7a7a1db11545120a0d1585a003e83786065c6c96 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Tue, 22 Apr 2025 08:18:17 -0700 Subject: [PATCH 2/2] Update safe-links-about.md --- defender-office-365/safe-links-about.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/defender-office-365/safe-links-about.md b/defender-office-365/safe-links-about.md index 8f480870e4..cfed94137a 100644 --- a/defender-office-365/safe-links-about.md +++ b/defender-office-365/safe-links-about.md @@ -9,7 +9,7 @@ audience: Admin ms.topic: overview f1_keywords: - '197503' -ms.date: 12/24/2024 +ms.date: 04/22/2025 ms.localizationpriority: medium ms.collection: - Strat_O365_IP @@ -166,7 +166,7 @@ You turn on or turn off Safe Links protection for Microsoft Teams in Safe Links > > Safe Links protection for Teams is supported in Teams desktop and web instances. > -> Websites opened from Teams might require re-authentication when SameSite=Strict cookies are required by the target page for authentication. This occurs because the intermediary page that performs Safe Links validation executes a redirect to the target page, which is treated as a cross-site request. The same applies to links opened from Teams for Web (with Safe Links disabled). +> Websites opened from Teams might require re-authentication when `SameSite=Strict` cookies are required for authentication by the target page. This behavior occurs because the intermediary page that does Safe Links validation redirects to the target page, which is treated as a cross-site request. The same issue applies to links opened from Teams for Web with Safe Links disabled. URLs in Teams are checked against a list of known malicious links when the protected user clicks the link (time-of-click protection). URLs aren't rewritten. If a link is found to be malicious, users have the following experiences: