发表新帖
发表新帖

socket.io sets cross-site cookie without same-site attribute

后端 未结
关注
1 1082
不思量自难忘°
不思量自难忘° 2021-02-08 03:27

I have a socket.io application and recently I got this warning:

A cookie associated with a cross-site resource at URL was set without the

1条回答
  • 灰色年华
    灰色年华 (楼主)
    2021-02-08 03:40

    As per the issue reported in Socket IOs' github repo, that cookie is not used for anything; you can disable it by setting cookie: false in the server options.

    But what you have missed is setting {cookie: false} option when initializing the socket, not http.listen. The solution provided below worked for me that uses express as the server.

    var server = require('http').createServer(express());
var io = require('socket.io')(server, { path:"/some/path", cookie: false });

    0 讨论(0)
 看不清?
提交回复
热议问题