javascript - plugin - npm cookie



SameSite предупреждение Chrome 77 (1)

Это предупреждение консоли не является ошибкой или реальной проблемой - Chrome просто распространяет информацию об этом новом стандарте, чтобы ускорить принятие разработчиками.

Дата выпуска исправления - 02/04/2020 по https://www.chromium.org/updates/same-site : https://www.chromium.org/updates/same-site

Я решил ту же проблему, добавив в заголовок ответа

response.setHeader("Set-Cookie", "HttpOnly;Secure;SameSite=Strict");

SameSite позволяет браузеру отправлять cookie вместе с межсайтовыми запросами. Основная цель - снижение риска утечки информации из разных источников. Он также обеспечивает некоторую защиту от атак подделки межсайтовых запросов. Возможные значения для флага: Lax или Strict.

Пожалуйста, ознакомьтесь с this перед применением любой опции.

Надеюсь, это поможет вам.

Со времени последнего обновления у меня возникла ошибка с файлами cookie, связанная с атрибутом SameSite.

Файлы cookie принадлежат сторонним разработчикам (Fontawesome, jQuery, Google Analytics, Google reCaptcha, Google Fonts и т. Д.).

Ошибки в консоли Chrome такие.

A cookie associated with a cross-site resource at <URL> was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at <URL> and <URL>.
(index):1 A cookie associated with a cross-site resource at http://jquery.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
(index):1 A cookie associated with a cross-site resource at http://fontawesome.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
(index):1 A cookie associated with a cross-site resource at http://google.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
(index):1 A cookie associated with a cross-site resource at https://google.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
(index):1 A cookie associated with a cross-site resource at https://www.google.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
(index):1 A cookie associated with a cross-site resource at http://www.google.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
(index):1 A cookie associated with a cross-site resource at http://gstatic.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.

Есть ли что-то, что мне нужно сделать на моем локальном компьютере или сервере, или это просто какая-то функция, которую они должны реализовать в будущих выпусках своих библиотек?





samesite