在Safari上,通过重定向发送时不保存Cookie [英] On Safari, cookies are not saved when sent with redirect
问题描述
我已经实现了OAuth2客户端,其中的第一步是将用户发送到相关的第三方(此示例为facebook),我为他们设置了状态cookie,当他们从facebook返回时,我验证了该状态cookie
I have implemented an OAuth2 client, in which the first step is to send a user to the relevant 3rd party (facebook for this example), I set them a state cookie, and when they return from facebook I validate that state cookie.
在Chrome中,一切都很棒。当我将用户发送到重定向URL时,我可以看到(使用inspect元素)他们具有我设置的 state
cookie。
但是,当我在最新的MacOS上尝试(桌面)野生动物园时,我看不到该cookie。
In Chrome, everything is great. When I send the user to the redirect URL, I can see (using inspect element) that they have the state
cookie I set.
However, when I try on (desktop) safari on latest MacOS, I don't see that cookie.
我在响应中设置了cookie重定向请求:
I set the cookie in the response for my redirect request:
res.cookie('state', state.toString(), {
maxAge: 3600000,
secure: true,
httpOnly: true,
});
res.redirect(someRedirectUri);
我如何也可以将这些cookie保存在Safari中?我只是把cookie设置错了吗?
How can I get those cookies to be saved on Safari as well? Am I just setting the cookies wrong?
推荐答案
我认为您发现了已知的 WebKit 问题。
I think you've found known WebKit issue.
因此,Safari在遇到302 HTTP状态时会忽略Set-Cookie标头
So safari is ignoring the Set-Cookie header when encountering the 302 HTTP status
这篇关于在Safari上,通过重定向发送时不保存Cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!