samesite

问题 I hope anybody can give me some ideas to my problem. I am trying to apply SameSite cookie to make session work but it seems it doesn't work. The visited site html: <iframe src="https://www.example.com/test/iframe.php"></iframe> Iframe source site: <?php header('Set-Cookie: cross-site-cookie=PHPSESSID; SameSite=None; Secure'); session_start(); if(!isset($_SESSION['test'])){ echo 1; $_SESSION['test'] = 'ee2'; }else{ echo $_SESSION['test']; } If I visit the website, I still receive A cookie

问题 In what is undoubtedly related to the Chromes samesite cookie policies released recently I am now having issues updating cookies in ASP.NET. I have a simple cookie collection to store basic user settings. The cookie is both generated and updated using the code below. SET COOKIE If Response.Cookies("Settings") IsNot Nothing Then Dim cookie As HttpCookie = Request.Cookies("Settings") cookie("Setting01") = ddl.SelectedValue cookie.Expires = Date.Now.AddDays(365) Response.Cookies.Add(cookie) End

问题 In what is undoubtedly related to the Chromes samesite cookie policies released recently I am now having issues updating cookies in ASP.NET. I have a simple cookie collection to store basic user settings. The cookie is both generated and updated using the code below. SET COOKIE If Response.Cookies("Settings") IsNot Nothing Then Dim cookie As HttpCookie = Request.Cookies("Settings") cookie("Setting01") = ddl.SelectedValue cookie.Expires = Date.Now.AddDays(365) Response.Cookies.Add(cookie) End

问题 Found DAST scan error "Cookie Without SameSite Attribute" on Frond end application Front end application build on node js and React js. I can see the cookie are added back in response object in browser. Set-Cookie: bm_sv=fdafdfsdfasffasdfsafsdfsafasffsadffdsfsfasfsdfsfxvxgdhgfwefw; Domain=.xxxxx.co.uk; Path=/; Max-Age=7003; HttpOnly Error clearly showing that it will be clear by adding "Samesite" Attribute in cookie. I used cookie-session node module and added configuration like below. but it

问题 I added SameSite=None; Secure; to set-cookie. but the cookie was not set and I can’t log in to my site. response.writeHead(200, { 'Content-Type': 'application/json', 'Set-Cookie': 'token=' + token + '; SameSite=None; Secure; Expires=' + time.toUTCString() + '; Path=/' + '; Domain=' + hostname, 'csrf-token': csrfToken }); I reviewed the cookie in developer tools under Application>Storage>Cookies and see more details. it showed a warning message: this set-cookie was blocked because it was not

问题 I added SameSite=None; Secure; to set-cookie. but the cookie was not set and I can’t log in to my site. response.writeHead(200, { 'Content-Type': 'application/json', 'Set-Cookie': 'token=' + token + '; SameSite=None; Secure; Expires=' + time.toUTCString() + '; Path=/' + '; Domain=' + hostname, 'csrf-token': csrfToken }); I reviewed the cookie in developer tools under Application>Storage>Cookies and see more details. it showed a warning message: this set-cookie was blocked because it was not

问题 I'm currently developing my first webapp, frontend with React and backend with FastAPI . I'm trying to test it out jointly with Chrome-- see if the frontend makes the correct API calls to backend, and display the results. I've been having problems with cookies, and I'd like help. Apologies in advance for the long post – I've been going through many resources past couple of days, and at this point I'm unsure what's relevant and what's not. Frontend on localhost:8080 Backend on http://127.0.0.1

问题 CakePHP 2.3 sets the Session variables (including cookie attributes) in the core.php file. I need to set samesite=None and Secure=true for the session cookie, but it doesn't appear to have those settings available in the configuration, which shows only the following options: Session.cookie - The name of the cookie to use. Defaults to 'CAKEPHP' Session.timeout - The number of minutes you want sessions to live for. This timeout is handled by CakePHP Session.cookieTimeout - The number of minutes

问题 CakePHP 2.3 sets the Session variables (including cookie attributes) in the core.php file. I need to set samesite=None and Secure=true for the session cookie, but it doesn't appear to have those settings available in the configuration, which shows only the following options: Session.cookie - The name of the cookie to use. Defaults to 'CAKEPHP' Session.timeout - The number of minutes you want sessions to live for. This timeout is handled by CakePHP Session.cookieTimeout - The number of minutes

问题 I visited this site: https://samesite-sandbox.glitch.me/ both on normal and incognito Chrome window. This happens 100% of the time both on Mac Chrome and Android Chrome. Incognito had no extensions enabled. Is this a bug? Is there a workaround? Chrome version: 84.0.4147.105 Here's the incognito result: Here's the result on non-incognito window: 回答1: Actually just found the solution From this site: https://www.chromium.org/updates/same-site/test-debug If you are testing in Incognito Mode, be