Find the cookie that causes Chrome's SameSite warning
Problem description
As some of you know, Chrome will start using a new SameSite cookie policy this month (https://web.dev/samesite-cookies-explained/ and https://www.chromium.org/updates/same-site).
We are using Auth0 for our App and have seen this SameCookie warning in Chrome's console since the end of last year:
Now, since the introduction of the new policy is getting closer, I tried to find the offending cookie using the Application view in Chrome's developer tools. This is what it shows:
As you can see, there is no entry for Secure or SameSite for any cookie.
So I enabled the new policy to see what will change. This can be done in chrome://flags
After these changes I see a message in the console, telling me that a cookie was blocked.
But the Application view in Chrome's developer tools shows exactly the same cookies as before.
Also, I went through each entry in the developer tools Network view. There is no Cookie tab for any of the entries.
This is very frustrating, as I do not know if the blocked cookie is relevant for the functioning of our application.
Is there a way to find out which cookie was blocked? Can't Chrome just mention the cookie in the warning that it writes into the console?
We've put together a more in-depth debugging guide here: https://www.chromium.org/updates/same-site/test-debug
As a tl;dr
- In the Network panel, select a request, go to the Cookies sub-tab, check the "show filtered out request cookies", and you can see each cookie along with the ones that were not included
- Capture a NetLog dump from Chrome and you can examine this in detail for the specific blocking events.
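
An added example, not part of the original answer or of Chrome's tooling: a small Node.js script that checks `Set-Cookie` header values (for instance, copied from a response's headers in the Network panel) against the two rules of the new policy, namely that a cookie without a `SameSite` attribute is treated as `SameSite=Lax`, and that `SameSite=None` requires `Secure`. The function names and the sample headers are constructed for illustration.

```javascript
// Split one Set-Cookie header value into the cookie name and its attributes.
function parseSetCookie(header) {
  const [pair, ...attrParts] = header.split(';');
  const eq = pair.indexOf('=');
  const name = (eq === -1 ? pair : pair.slice(0, eq)).trim();
  const attrs = {};
  for (const part of attrParts) {
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    if (key) attrs[key] = i === -1 ? '' : part.slice(i + 1).trim();
  }
  return { name, attrs };
}

// Classify a cookie under the SameSite-by-default policy.
function classify(header) {
  const { name, attrs } = parseSetCookie(header);
  const secure = 'secure' in attrs;
  const sameSite = 'samesite' in attrs ? attrs.samesite.toLowerCase() : null;
  let verdict;
  if (sameSite === 'none') {
    // SameSite=None is only accepted together with Secure.
    verdict = secure ? 'ok-cross-site' : 'rejected-none-without-secure';
  } else if (sameSite === 'lax' || sameSite === 'strict') {
    verdict = 'same-site-only';
  } else {
    // No usable SameSite attribute: the Lax default applies, so the cookie
    // is withheld from cross-site subrequests (iframes, XHR, images).
    verdict = 'defaulted-to-lax';
  }
  return { name, verdict };
}

// Return only the cookies whose behaviour changes under the new policy.
function audit(headers) {
  const changed = ['defaulted-to-lax', 'rejected-none-without-secure'];
  return headers.map(classify).filter((r) => changed.includes(r.verdict));
}

// Constructed sample headers, not taken from any real response.
const SAMPLE = [
  'session=abc123; Path=/; HttpOnly',
  'auth_state=xyz; Path=/; SameSite=None',
  'csrf=tok; Path=/; Secure; SameSite=Strict',
  'sso=1; Path=/; Secure; HttpOnly; SameSite=None',
];

for (const r of audit(SAMPLE)) console.log(`${r.name}: ${r.verdict}`);
```

Cookies reported as `defaulted-to-lax` only matter if the application relies on them in a cross-site context, such as an embedded login frame.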