samesite

PHP SameSite session problem, session doesn't work

有些话、适合烂在心里 提交于 2021-02-18 05:32:11
问题 I hope anybody can give me some ideas to my problem. I am trying to apply SameSite cookie to make session work but it seems it doesn't work. The visited site html: <iframe src="https://www.example.com/test/iframe.php"></iframe> Iframe source site: <?php header('Set-Cookie: cross-site-cookie=PHPSESSID; SameSite=None; Secure'); session_start(); if(!isset($_SESSION['test'])){ echo 1; $_SESSION['test'] = 'ee2'; }else{ echo $_SESSION['test']; } If I visit the website, I still receive A cookie

ASP.NET - Request.Cookies no longer working in Chrome V80+

自作多情 提交于 2021-02-11 17:07:46
问题 In what is undoubtedly related to the Chromes samesite cookie policies released recently I am now having issues updating cookies in ASP.NET. I have a simple cookie collection to store basic user settings. The cookie is both generated and updated using the code below. SET COOKIE If Response.Cookies("Settings") IsNot Nothing Then Dim cookie As HttpCookie = Request.Cookies("Settings") cookie("Setting01") = ddl.SelectedValue cookie.Expires = Date.Now.AddDays(365) Response.Cookies.Add(cookie) End

ASP.NET - Request.Cookies no longer working in Chrome V80+

折月煮酒 提交于 2021-02-11 17:04:56
问题 In what is undoubtedly related to the Chromes samesite cookie policies released recently I am now having issues updating cookies in ASP.NET. I have a simple cookie collection to store basic user settings. The cookie is both generated and updated using the code below. SET COOKIE If Response.Cookies("Settings") IsNot Nothing Then Dim cookie As HttpCookie = Request.Cookies("Settings") cookie("Setting01") = ddl.SelectedValue cookie.Expires = Date.Now.AddDays(365) Response.Cookies.Add(cookie) End

how to set the samesite attribute on bm_sv cookie

自闭症网瘾萝莉.ら 提交于 2021-01-29 17:30:49
问题 Found DAST scan error "Cookie Without SameSite Attribute" on Frond end application Front end application build on node js and React js. I can see the cookie are added back in response object in browser. Set-Cookie: bm_sv=fdafdfsdfasffasdfsafsdfsafasffsadffdsfsfasfsdfsfxvxgdhgfwefw; Domain=.xxxxx.co.uk; Path=/; Max-Age=7003; HttpOnly Error clearly showing that it will be clear by adding "Samesite" Attribute in cookie. I used cookie-session node module and added configuration like below. but it

Session cookie set `SameSite=None; Secure;` does not work

旧街凉风 提交于 2021-01-27 07:20:46
问题 I added SameSite=None; Secure; to set-cookie. but the cookie was not set and I can’t log in to my site. response.writeHead(200, { 'Content-Type': 'application/json', 'Set-Cookie': 'token=' + token + '; SameSite=None; Secure; Expires=' + time.toUTCString() + '; Path=/' + '; Domain=' + hostname, 'csrf-token': csrfToken }); I reviewed the cookie in developer tools under Application>Storage>Cookies and see more details. it showed a warning message: this set-cookie was blocked because it was not

Session cookie set `SameSite=None; Secure;` does not work

半腔热情 提交于 2021-01-27 07:18:00
问题 I added SameSite=None; Secure; to set-cookie. but the cookie was not set and I can’t log in to my site. response.writeHead(200, { 'Content-Type': 'application/json', 'Set-Cookie': 'token=' + token + '; SameSite=None; Secure; Expires=' + time.toUTCString() + '; Path=/' + '; Domain=' + hostname, 'csrf-token': csrfToken }); I reviewed the cookie in developer tools under Application>Storage>Cookies and see more details. it showed a warning message: this set-cookie was blocked because it was not

issue with cross-site cookies: how to set cookie from backend to frontend

。_饼干妹妹 提交于 2021-01-02 06:09:11
问题 I'm currently developing my first webapp, frontend with React and backend with FastAPI . I'm trying to test it out jointly with Chrome-- see if the frontend makes the correct API calls to backend, and display the results. I've been having problems with cookies, and I'd like help. Apologies in advance for the long post – I've been going through many resources past couple of days, and at this point I'm unsure what's relevant and what's not. Frontend on localhost:8080 Backend on http://127.0.0.1

How can I set the samesite cookie attribute in CakePHP 2.3?

流过昼夜 提交于 2020-12-15 06:38:34
问题 CakePHP 2.3 sets the Session variables (including cookie attributes) in the core.php file. I need to set samesite=None and Secure=true for the session cookie, but it doesn't appear to have those settings available in the configuration, which shows only the following options: Session.cookie - The name of the cookie to use. Defaults to 'CAKEPHP' Session.timeout - The number of minutes you want sessions to live for. This timeout is handled by CakePHP Session.cookieTimeout - The number of minutes

How can I set the samesite cookie attribute in CakePHP 2.3?

余生长醉 提交于 2020-12-15 06:38:17
问题 CakePHP 2.3 sets the Session variables (including cookie attributes) in the core.php file. I need to set samesite=None and Secure=true for the session cookie, but it doesn't appear to have those settings available in the configuration, which shows only the following options: Session.cookie - The name of the cookie to use. Defaults to 'CAKEPHP' Session.timeout - The number of minutes you want sessions to live for. This timeout is handled by CakePHP Session.cookieTimeout - The number of minutes

SameSite=None not working on Chrome incognito?

孤人 提交于 2020-12-08 13:10:40
问题 I visited this site: https://samesite-sandbox.glitch.me/ both on normal and incognito Chrome window. This happens 100% of the time both on Mac Chrome and Android Chrome. Incognito had no extensions enabled. Is this a bug? Is there a workaround? Chrome version: 84.0.4147.105 Here's the incognito result: Here's the result on non-incognito window: 回答1: Actually just found the solution From this site: https://www.chromium.org/updates/same-site/test-debug If you are testing in Incognito Mode, be