如何修复“将SameSite Cookie设置为无"警告? Chrome扩展程序 [英] How to fix "set SameSite cookie to none" warning? Chrome Extension
问题描述
我创建了一个chrome扩展程序,并从popup.js中调用了一个PHP脚本(使用Xhttprequest)来读取Cookie.像这样:
I created a chrome extension and from popup.js I called PHP script (Using Xhttprequest) that reads the cookie. Like this:
$cookie_name = "mycookie";
if(isset($_COOKIE[$cookie_name]))
{
echo $_COOKIE[$cookie_name];
}
else{
echo "nocookie";
}
但是我收到扩展名错误的警告.
But I'm getting this warning at errors in extensions.
未设置
SameSite属性的情况下设置了与(此处为我的域)中与跨站点资源关联的cookie.如果将来的Chrome浏览器版本将Cookie设置为SameSite=None和Secure,则仅会发送带有跨站点请求的cookie.您可以在应用程序">存储">"Cookies"下的开发人员工具中查看Cookie,并在 https://www.chromestatus中查看更多详细信息.com/feature/5088147346030592 和 https://www.chromestatus.com/feature/5633521622188032 .
A cookie associated with a cross-site resource at (Here is my domain) was set without the
SameSiteattribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set withSameSite=NoneandSecure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
我试图创建这样的cookie,但没有帮助.
I tried to create a cookie like this but it didn't help.
setcookie($cookie_name,$cookie_value, time() + 3600*24, "/;samesite=None ","mydomain.com", 1);
按照这个问题的说明进行操作.
推荐答案
对此我也处于反复试验"中,但是Google Chrome Labs的Github的回答对我有所帮助.我将其定义到我的主文件中,并且仅在一个第三方域中有效.仍在进行测试,但我渴望通过更好的解决方案来更新此答案:)
I'm also in a "trial and error" for that, but this answer from Google Chrome Labs' Github helped me a little. I defined it into my main file and it worked - well, for only one third-party domain. Still making tests, but I'm eager to update this answer with a better solution :)
如果您的PHP一直到7.2,就像我的服务器那样:
If you have PHP until 7.2, as my server does:
header('Set-Cookie: cross-site-cookie=name; SameSite=None; Secure');
或者如果您的主机已经更新到7.3,则可以使用:
Or if your host is already updated to 7.3, you can use:
setcookie('cross-site-cookie', 'name', ['samesite' => 'None', 'secure' => true]);
您可以尝试检查Cookie的另一件事是启用下面的标志,用自己的话说,将为可能受此更改影响的每个cookie添加控制台警告消息":
Another thing you can try to check the cookies, is enable the flag below, which - in their own words - "will add console warning messages for every single cookie potentially affected by this change":
chrome://flags/#cookie-deprecation-messages
在以下位置查看完整代码: https://github.com/GoogleChromeLabs/samesite-examples/blob/master/php.md ,它们也具有same-site-cookies的代码.
See the whole code at: https://github.com/GoogleChromeLabs/samesite-examples/blob/master/php.md, they have the code for same-site-cookies too.
这篇关于如何修复“将SameSite Cookie设置为无"警告? Chrome扩展程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
