aspnet / AspNetKatana

Microsoft's OWIN implementation, the Katana project
Apache License 2.0

.AspNet.Correlation cookie not found #490

Closed NeelamYangal closed 1 year ago

NeelamYangal commented 1 year ago

Recently I updated the Microsoft.Owin package to 4.2.2. From that moment, the ValidateCorrelationId() method is not able to find Request.Cookies[".AspNet.Correlation.Steam"].

I know this type of issue has already been raised by many people. And I have tried all possible solutions including this https://github.com/aspnet/AspNetKatana/issues/331

I followed exactly all the steps described there.

Could you please let me know what I am doing wrong? [image]

I have even implemented SameSiteCookieManager and made the changes like this: [image]

Tratcher commented 1 year ago

Can you share a Fiddler trace showing the cookies flowing between requests?

NeelamYangal commented 1 year ago

Thank you for responding. Please find the screenshots of the traces below.

[image] [image]

And just to add more information: after the Microsoft.Owin update, third-party logins work fine on Mozilla Firefox; the issue is on Google Chrome.

Tratcher commented 1 year ago

Ah, there's your problem. .AspNet.Correlation.Steam is marked as 'SameSite: None', but not as 'Secure'.

Are you testing using HTTP or HTTPS? HTTPS is now required by Chrome for SameSite None scenarios like this.

NeelamYangal commented 1 year ago

I have already tried HTTPS, but I cannot see the Secure column ticked. Do you know any reason behind this?

NeelamYangal commented 1 year ago

So, my external login URL endpoint was being rendered over HTTP. I have made changes and it is now redirecting over HTTPS, and it looks like the issue has been fixed. Thank you so much for your help. :)
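
The condition diagnosed in this thread can be checked mechanically from captured `Set-Cookie` response headers. The following is an added example, not part of the original thread and not Katana code: the function names and the sample header values are constructed for illustration, and the cookie value is a placeholder.

```javascript
// Parse one Set-Cookie header value into its name and the attributes we care about.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = {
    name: eq === -1 ? pair : pair.slice(0, eq),
    secure: false,
    httpOnly: false,
    sameSite: null, // null means the attribute was absent
  };
  for (const attr of attrs) {
    const [key, value = ''] = attr.split('=');
    switch (key.trim().toLowerCase()) {
      case 'secure': cookie.secure = true; break;
      case 'httponly': cookie.httpOnly = true; break;
      case 'samesite': cookie.sameSite = value.trim().toLowerCase(); break;
    }
  }
  return cookie;
}

// Names of cookies marked SameSite=None without Secure, the combination
// that Chrome refuses to store (so the cookie is missing on the callback).
function findRejectedCookies(setCookieHeaders) {
  return setCookieHeaders
    .map(parseSetCookie)
    .filter((c) => c.sameSite === 'none' && !c.secure)
    .map((c) => c.name);
}

// Constructed samples. The first mirrors the trace described in the thread
// (SameSite=None, no Secure); the second carries the Secure attribute.
const withoutSecure = [
  '.AspNet.Correlation.Steam=PLACEHOLDER; path=/; HttpOnly; SameSite=None',
];
const withSecure = [
  '.AspNet.Correlation.Steam=PLACEHOLDER; path=/; secure; HttpOnly; SameSite=None',
];

console.log(findRejectedCookies(withoutSecure));
console.log(findRejectedCookies(withSecure));
```
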