Laravel 7:为什么没有在浏览器中设置我的会话Cookie? [英] Laravel 7: Why isn't my session cookie getting set in a browser?

问题描述

即使服务器响应包含正确的 Set-Cookie 标头，我的Laravel会话cookie也不会在浏览器中设置.Laravel服务器在localhost:8000上运行，客户端应用程序是在localhost:7000上运行的NuxtJS SPA.

My Laravel session cookie doesn't get set in a browser even though the server response contains the right Set-Cookie header. The Laravel server is running at localhost:8000, and the client application is a NuxtJS SPA running at localhost:7000.

包含 Set-Cookie 的响应标头如下:

HTTP/1.1 200 OK
Host: localhost:8000
Date: Sun, 06 Sep 2020 00:50:31 GMT
Connection: close
X-Powered-By: PHP/7.4.10
Cache-Control: no-cache, private
Date: Sun, 06 Sep 2020 00:50:31 GMT
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Authorization, Access-Control-Request-Headers, Set-Cookie
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 59
Set-Cookie: dv_session=ifhSq8WFD2Upltr5v2bzNBgaA5xx3KiDVuMWuBge; expires=Sun, 06-Sep-2020 02:50:31 GMT; Max-Age=7200; path=/

通过邮递员发出相同的请求，将保存cookie:

Making the same request through postman, the cookie is saved:

因此，似乎浏览器正在忽略"Set-Cookie"标头.

So, it seems like the browser is ignoring the 'Set-Cookie' header.

我的session.php文件如下:

My session.php file is as follows:

<?php

return [
    'driver' => env('SESSION_DRIVER', 'redis'),
    'lifetime' => env('SESSION_LIFETIME', 120),
    'expire_on_close' => false,
    'encrypt' => false,
    'files' => storage_path('framework/sessions'),
    'connection' => env('SESSION_CONNECTION', null),
    'table' => 'sessions',
    'store' => env('SESSION_STORE', null),
    'lottery' => [2, 100],
    'cookie' => 'dv_session',
    'path' => '/',
    'domain' => "",
    'secure' => false,
    'http_only' => false,
];

为什么cookie被保存在Postman中，却被浏览器忽略?

Why is the cookie getting saved in Postman, but being ignored by browsers?

推荐答案

您的问题在chrome和safari中运行.Firefox将与您合作.问题是chrome不允许来自 http 域(您的本地主机)的cookie.这是他们的最新版本之一.

Your problem runs in chrome and safari. Firefox will work with you. The problem is that chrome is not allowing cookies from http domains, which is your localhost. It's one of their latest releases.

您的生产状况应该很好，因为您将在那里获得 https 证书.但是对于开发，您可以使用firefox.

You should be fine in production since you are going to have an https certificate there. But for development you can use firefox.

另一种解决方法是在 session.php 中将安全"字段设置为false.

Another work-around is in the session.php to set the 'secure' field to false.

'secure' => env('SESSION_SECURE_COOKIE', false)

这最初是用来完成技巧的，但是我个人决定转而使用Firefox，因为该技巧停止了工作，不得不破解我的方式".解决此问题，因此只需更改浏览器即可进行开发.

This used to do the trick at first but i personally decided to move to firefox cause that trick stopped working and had to "hack my way" around this issue so it was easier to just change browser for development.

这篇关于Laravel 7:为什么没有在浏览器中设置我的会话Cookie?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！