php 如何解决`SameSite`属性
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/58211114/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to solve `SameSite` attribute
提问by Tiago
I looked at the console and noticed these warnings
我看着控制台并注意到这些警告
A cookie associated with a cross-site resource at http://google.com/was set without the SameSite attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with SameSite=None and Secure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592and https://www.chromestatus.com/feature/5633521622188032.
与http://google.com/上的跨站点资源关联的 cookie设置为没有 SameSite 属性。如果使用 SameSite=None 和 Secure 进行设置,Chrome 的未来版本将仅提供具有跨站点请求的 cookie。您可以在应用程序>存储>Cookies 下的开发人员工具中查看 cookie,并在https://www.chromestatus.com/feature/5088147346030592和https://www.chromestatus.com/feature/5633521622188032 上查看更多详细信息。
How to solve it?
如何解决?
回答by Josh Stovall
A solution that worked for me:
一个对我有用的解决方案:
If you are using PHP,add this line to the beginning
如果您使用的是 PHP,请将此行添加到开头
header('Set-Cookie: cross-site-cookie=name; SameSite=None; Secure');
Update更新这是一个有用的资源,包括 JavaScript、Node.js、PHP 和 Python 中的示例
https://github.com/GoogleChromeLabs/samesite-exampleshttps://github.com/GoogleChromeLabs/samesite-examples
回答by Mike Kormendy
There's nothing you can do until Google's developers/admins (and developers/admins of other external resources) modify their scripts/servers to include the necessary cookies settings to the cookies they generate when your website includes them. See here more more info:
在 Google 的开发人员/管理员(以及其他外部资源的开发人员/管理员)修改他们的脚本/服务器以将必要的 cookie 设置包含到他们在您的网站包含它们时生成的 cookie 之前,您无能为力。在这里查看更多信息:
https://github.com/GoogleChromeLabs/samesite-examples/issues/4#issuecomment-548598318
https://github.com/GoogleChromeLabs/samesite-examples/issues/4#issuecomment-548598318
If you are debugging your website, you can temporarily ignore those entries in Chrome's developer tools console by adding this filter to the filter box:
如果您正在调试您的网站,您可以通过将此过滤器添加到过滤器框来暂时忽略 Chrome 开发者工具控制台中的这些条目:
-SameSite=None
-SameSite=None
For example:
例如:
回答by Hans Ganteng
Does your .htaccess file contain a header unset cookie code? and you use cdn and its cache like cloudflare.
您的 .htaccess 文件是否包含标题未设置的 cookie 代码?您可以像 cloudflare 一样使用 CDN 及其缓存。
If so, just delete the code in the htaccess
如果是这样,只需删除htaccess中的代码
