会话/Cookie在iframe中的Asp.Net MVC应用程序中重置为空白 [英] Session/Cookies are resetting to blank in Asp.Net MVC application in an iframe

问题描述

最近将chrome更新为80(版本80.0.3987.149(64位))并清除了浏览器的cookie之后，我们在ASP.Net MVC应用程序中看到以下问题.

After updating the chrome to 80 (Version 80.0.3987.149 (64-bit)) recently and clearing cookies of the browser we are seeing below issue in our ASP.Net MVC application.

会话/Cookie在重定向到其他页面时重置为空白.应用程序嵌入在iFrame中.

Session/Cookies are resetting to blank when redirecting to other page. Application is embedded in a iFrame.

我曾尝试通过以下方式在web.config中将同一网站"设置为无"，但均无作用-

I have tried setting Same site to "None" in web.config in below ways but none of them worked -

<sessionState cookieSameSite="None" timeout="60" />

<httpCookies sameSite="None" />

还安装了URL重写以覆盖IIS上的设置cookie-

Also installed URL rewrite to override set cookie on IIS -

<rewrite>
    <outboundRules>
        <rule name="AddSameSiteCookieFlag">
            <match serverVariable="RESPONSE_Set-Cookie" pattern="^(.*)(CFID|CFTOKEN|JSESSIONID|ASP.NET_SessionId)(=.*)$" />
            <action type="Rewrite" value="{R:0};SameSite=None" />
        </rule>
    </outboundRules>
</rewrite>

请帮助...

提前谢谢.

推荐答案

在进行了大量研究后，我遇到了类似的问题.通过在< sessionState>

I had a similar issue and after doing a lot of research. It is solved by adding a requireSSL attribute in <sessionState>

<httpCookies sameSite="None" requireSSL="true"  />

这篇关于会话/Cookie在iframe中的Asp.Net MVC应用程序中重置为空白的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！