SameSite Cookie属性警告未得到解决 [英] SameSite Cookie Attribute Warning Isn't getting fixed
问题描述
我正在使用react.js,并且试图将幸运橙集成到我的网络应用中。我在 index.html
文件的head标签中添加了代码段,但是我得到警告:
I am using react.js, and I'm trying to integrate lucky orange into my web app. I added the code snippet in the head tag of the index.html
file, but I get a warning saying:
与跨站点资源关联的cookie,位于 http://luckyorange.net/设置时没有
SameSite
属性。如果将来的Chrome浏览器版本将Cookie设置为SameSite = None
和Secure
,则只会提供具有跨站点请求的Cookie。
A cookie associated with a cross-site resource at http://luckyorange.net/ was set without the
SameSite
attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set withSameSite=None
andSecure
.
我尝试将cookie设置在index.html文档的开头,如下所示:
I tried setting the cookie in the head of the index.html document like this:
document.cookie = 'same-site-cookie=foo; SameSite=Lax';
document.cookie = 'cross-site-cookie=bar; SameSite=None; Secure';
但是我仍然会收到该错误。我在做什么错了,我该怎么解决?
But I'm still getting that error. What am I doing wrong and how can I fix it?
推荐答案
如果您没有使用实际的代码,我只是
Without the actual code you're using, I'm only guessing that the situation here… however, a couple things:
控制台中的警告是针对 http://luckyorange.net $ c $ c>不是您管理的域。取而代之的是,幸运橙小组负责确保正确设置其Cookie。您在代码中所做的更改只会影响为您的域设置的Cookie。
The warning in the console is for http://luckyorange.net
which is not a domain that you manage. Instead, the Lucky Orange team is responsible for ensuring their cookies are set appropriately. Changes you make in your code will only affect cookies set for your domain.
您应通过支持票或类似方式使用Lucky Orange进行签入,以确保他们知道这些
You should check in with Lucky Orange via a support ticket or similar to ensure they are aware of these upcoming changes and have a plan in place.
目前,这些警告仅供参考-不会影响您网站的功能。这是Chrome 80的默认行为,将于2020年2月左右稳定。
At the moment, these warnings are purely informational - they will not affect your site's functionality. This will be the default behaviour as of Chrome 80, stable around Feb 2020.
您需要确保通过HTTPS包含任何幸运的橙色资源,因为这 SameSite = None必需;安全
设置。
You will need to ensure your inclusion of any Lucky Orange resources is via HTTPS though, as this is required by the SameSite=None; Secure
setting.
关于 https://web.dev/samesite-cookie-recipes 。
这篇关于SameSite Cookie属性警告未得到解决的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!