未设置Chrome本地主机cookie [英] Chrome localhost cookies not being set

问题描述

我正在使用Google Chrome作为开发和测试工具，以不同的配置设置ASP.NET Core身份验证。本地一切正常，但突然停止了。

I'm setting up ASP.NET Core authentication in different configurations, using Google Chrome as a development and test tool. Everything worked fine locally, but suddenly it stopped.

我检查了http标头，发现 Set-Cookie 一个> POST 响应，但在下一个请求中也不在应用程序->存储-> Cookies选项卡中。我检查了控制台，发现那里没有错误或警告。我已经重新安装和更新了Chrome（没有任何作用），最后切换到Edge，然后是Firefox。

I've inspected the http headers and I found Set-Cookie one there in my POST response, but nothing in the next request nor in the Application->Storage->Cookies tab. I've inspected the console and found no errors nor warnings there. I've restated and updated Chrome (with no effect) and finally switched to Edge and then Firefox.

而且，是的，我搜索了整个Internet，寻找解决方案，但对类似问题排名最高的答案是5年以上，与 CORS 或 SameSite 相关。仅在我发现 引用在Chrome中> bug 导致了我遇到的问题。

And, yes, I've searched whole the Internet, looking for the solution, but the highest ranked answers for similar issues are 5+ years old, CORS or SameSite related. Only once I found the reference to the bug in Chrome causing the issue I faced.

推荐答案

问题的原因是 Google Chrome浏览器中的错误：

如果您有一个由 https：// localhost 设置的同名安全cookie，您的Cookie将无法设置，，除非您从 https：// localhost 访问该页面，否则您将不知道该cookie存在。 a>。

If you have a secure cookie with same name set by https://localhost, your cookie will fail to be set, and you will not know that one exists unless you visit the page from https://localhost.

就我而言，我曾经通过 https调用了身份验证服务，并且通过 http 默默阻止了随后的所有尝试。另外令人讨厌的是，重新启动Chrome不会清除该（会话）Cookie，因此该行为一直持续到手动清理或启动隐身窗口为止。

In my case I've just once called my authentication service via https, and that silently blocked all the following attempts with http. Additionally annoying thing is that restarting Chrome does not clear that (session) cookies, so the behavior persists until manual cleanup, or starting an incognito window.

这篇关于未设置Chrome本地主机cookie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！