问题
I'm setting up ASP.NET Core authentication in different configurations, using Google Chrome as a development and test tool. Everything worked fine locally, but suddenly it stopped.
I've inspected the http headers and I found Set-Cookie
one there in my POST
response, but nothing in the next request nor in the Application->Storage->Cookies tab. I've inspected the console and found no errors nor warnings there. I've restated and updated Chrome (with no effect) and finally switched to Edge and then Firefox.
And, yes, I've searched whole the Internet, looking for the solution, but the highest ranked answers for similar issues are 5+ years old, CORS
or SameSite
related. Only once I found the reference to the bug in Chrome causing the issue I faced.
回答1:
The cause of the problem was a bug in Google Chrome:
If you have a secure cookie with same name set by https://localhost, your cookie will fail to be set, and you will not know that one exists unless you visit the page from https://localhost.
In my case I've just once called my authentication service via https
, and that silently blocked all the following attempts with http
. Additionally annoying thing is that restarting Chrome does not clear that (session) cookies, so the behavior persists until manual cleanup, or starting an incognito window.
来源:https://stackoverflow.com/questions/56392761/chrome-localhost-cookies-not-being-set