Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share
menu search
person
editAsk a Question
Welcome To Ask or Share your Answers For Others

Categories

egg如何配session的samesite选项?

in Technique[技术] by (71.8m points)

文档中指名了egg-session引用了koa-session并且

Support all configurations in koa-session.

于是我按照koa-session配了samesite:

session: {
      key: 'DSESSIONID',
      maxAge: 2 * 3600 * 1000, // 2 小时
      httpOnly: true,
      encrypt: false,
      renew: true,
      sameSite: 'none',
    },

结果发出的cookie还是没有samesite配置:
image

感叹里的提示信息:samesite跨域了

补充:
当设置samesite为none时候 必须把secure设为true
参见:https://www.ruanyifeng.com/bl...

但是又引出新的问题:
没有https支持的网站如何绕过samesite的限制

求大神指导


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
3.7k views
Welcome To Ask or Share your Answers For Others

1 Answer

by (71.8m points)

这个好像是chrome浏览器的默认设置问题,看看这个-->参考链接是否能解决你的问题。


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share

Just Browsing Browsing

548k questions

547k answers

4 comments

86.3k users

Most popular tags

Theme made by Momin Raza, Modified by Ostack
Powered by Question2Answer
...