socket.io sets cross-site cookie without same-site attribute

后端 未结 1 1081
不思量自难忘°
不思量自难忘° 2021-02-08 03:27

I have a socket.io application and recently I got this warning:

A cookie associated with a cross-site resource at URL was set without the

相关标签:
1条回答
  • 2021-02-08 03:40

    As per the issue reported in Socket IOs' github repo, that cookie is not used for anything; you can disable it by setting cookie: false in the server options.

    But what you have missed is setting {cookie: false} option when initializing the socket, not http.listen. The solution provided below worked for me that uses express as the server.

    var server = require('http').createServer(express());
    var io = require('socket.io')(server, { path:"/some/path", cookie: false });
    
    0 讨论(0)
提交回复
热议问题