Chrome 80 及更高版本(于 2020 年 2 月 4 日发布)强制设置 SameSite 属性(我提前一天使用 Chrome Beta 下载该属性以测试我的网站)。
它使我的网站出现以下错误:
A cookie associated with a cross-site resource at URL was set without the
SameSite
attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set withSameSite=None
andSecure
. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
我查看了 Application>Storage>Cookies,但我只有一个 cookie 集,如下所示:
我如何知道哪个 Cookie 被阻止以及它被哪个请求阻止?
此问题是否会导致未设置 cookie 或是否导致 cookie 无法在 HTTP 请求中发送?
它是否以不同的方式处理 cookie 设置客户端和 cookie 设置服务器端(使用 Set-Cookie 响应 header )?
谢谢
最佳答案
请参阅此处了解更多信息:https://www.chromium.org/updates/same-site/test-debug
How do I know which Cookie was blocked and which request it was blocked on?
您需要查看 DevTools 中的 Network 面板,找到请求,并查看过滤掉的 cookie。
Does this issue causes a cookie to not be set OR does it cause a cookie not to be sent in an HTTP request?
两者都是可能的。
Does it treat cookies set client side and cookies set server side (using the Set-Cookie response header) differently?
不。
关于google-chrome - Chrome 80+ 与跨站点资源关联的 cookie 设置为没有 `SameSite` 属性。已被屏蔽,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60042761/