Похожие чаты

Any backend / frontend devs here? I have this Set-Cookie header

to save access_token in frontend's cookie.
It has httpOnly; Secure; SameSite=None; attributes. It worked for localhost to api, localhost to localhost ( different port ) etc.

my urls are like https://api.asd.com and https://portal.asd.com.

It's not working in Safari. So reading through stackoverflow, Safari don't like SameSite=None so I changed it to SameSite=Lax Works on every browser except localhost to server what's happening and what should I do?

My header is like this now
Set-Cookie: Authorization=magic; httpOnly; SameSite=Lax; MaxAge=3600; Secure; Doman=.asd.com; ( Works on all browser except localhost (FE) to https://api.asd.com)

6 ответов

17 просмотров

Need to be on same domain to set/send cookies

akza07- Автор вопроса
David
Need to be on same domain to set/send cookies

api.domain.co & portal.domain.co are domain.co ryt?

akza07- Автор вопроса
David
yes

localhost & portal are not. but Samesite=None & Secure:true works. why?

akza07
localhost & portal are not. but Samesite=None & Se...

What do you mean it works? If there's no restrictive CORS policy, the request will get sent. But I don't think the Set-Cookie response headers work

akza07- Автор вопроса
David
What do you mean it works? If there's no restricti...

They worked & Set the cookie on both localhost-domain & doman-subdomain. Which i dont understand how. only safari blocked it. which needed privacy shering in settings to be turned off

Похожие вопросы

Обсуждают сегодня

а через ESC-код ?
Alexey Kulakov
29
30500 за редактор? )
Владимир
47
Чёт не понял, я ж правильной функцией воспользовался чтобы вывести отладочную информацию? но что-то она не ловится
notme
18
У меня есть функция где происходит это: write_bit(buffer, 1); write_bit(buffer, 0); write_bit(buffer, 1); write_bit(buffer, 1); write_bit(buffer, 1); w...
~
13
any reference of this implementation?
BitBuddha
29
Ⓐrtto, [4/23/24 7:02 PM] Please explain more fully how it is not working exactly, and what are the steps you are taking, and what error messages come or what happens. Ⓐrtto, ...
Ezza Kezza
2
sounds like people have lost their kaspa on tradeogre... does this mean tradeogre not trustworthy?
Ezza Kezza
15
Страшнейшая правда про списки ЦБ. С первых дней жизни P2P сферы, молодые человеки, начитавшись законодательной базы и "внутренних" документов, решили, что им противостоит сер...
Foxcool
3
Недавно Google Project Zero нашёл багу в SQLite с помощью LLM, о чём достаточно было шумно в определённых интернетах, которые сопровождались рассказами, что скоро всех "ибешни...
Alex Sherbakov
5
So much speculation in the last week. So much volatility in price. This is because Hedera has a GC that isn't using the network it's governing. Why aren't people asking why a...
Summit Seeker R
9
Карта сайта