progress / JSDO

Client side TypeScript library to access Progress® Data Object Services

Progress JSDO with form auth model isn't authenticating on Chrome anymore #274

Closed booscaaa closed 4 years ago

booscaaa commented 4 years ago

Google Chrome is modifying some rules for the management of cookies. https://www.chromestatus.com/feature/5088147346030592

Here is the warning message that is displayed in the browser at the time of login:

A cookie associated with a cross-site resource at http://201.25.55.46/ was set without the SameSite attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with SameSite=None and Secure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.

I tried, unsuccessfully, to manipulate the automatically generated token for the session between Pacific and the JSDO library.

Is there any way to set the cookie to SameSite=Lax or SameSite=None; Secure?

With that, I also noticed that the login is successful, but access is denied when calling the "guarantee" request that the library makes to know if it is logged in, when calling http://\<site>/home.html (Error 401).

Login is fine:

[Screenshot: Captura de Tela_Área de Seleção_20200311102856]

But logout is the next step, on the GET request at home.html:

[Screenshot: Captura de Tela_Área de Seleção_20200311102904]

booscaaa commented 4 years ago

The problem is in our login structure. Not in the library.
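
The rule quoted in the Chrome warning above can be checked against a server's `Set-Cookie` headers before deployment. The following is an added example, not code from the JSDO library or from this thread; the function names and the sample `JSESSIONID` headers are constructed for illustration, and the model ignores Chrome's temporary "Lax + POST" allowance for freshly set cookies.

```javascript
// Added example: decide whether Chrome's SameSite-by-default rules let a cookie
// ride along on cross-site XHR/fetch requests (the kind a client-side data
// library makes to a backend on another site).

// Parse one Set-Cookie header value into the attributes the rule depends on.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = { name: pair.slice(0, eq), secure: false, sameSite: null };
  for (const attr of attrs) {
    const [key, value = ""] = attr.split("=").map((s) => s.trim());
    if (key.toLowerCase() === "secure") cookie.secure = true;
    if (key.toLowerCase() === "samesite") cookie.sameSite = value.toLowerCase();
  }
  return cookie;
}

// Apply the rule from the warning: only SameSite=None together with Secure
// is delivered on cross-site requests.
function crossSiteVerdict(header) {
  const c = parseSetCookie(header);
  if (c.sameSite === "none") {
    return c.secure
      ? { sentCrossSite: true, reason: "SameSite=None with Secure" }
      : { sentCrossSite: false, reason: "SameSite=None without Secure is rejected" };
  }
  if (c.sameSite === "strict") {
    return { sentCrossSite: false, reason: "SameSite=Strict" };
  }
  if (c.sameSite === "lax") {
    return { sentCrossSite: false, reason: "SameSite=Lax" };
  }
  // Missing or unrecognized value: Chrome treats the cookie as Lax.
  return { sentCrossSite: false, reason: "no valid SameSite attribute, treated as Lax" };
}

// Constructed sample headers (not taken from the issue).
const samples = [
  "JSESSIONID=abc123; Path=/; HttpOnly",
  "JSESSIONID=abc123; Path=/; HttpOnly; SameSite=None",
  "JSESSIONID=abc123; Path=/; HttpOnly; SameSite=None; Secure",
];
for (const h of samples) {
  console.log(h, "=>", JSON.stringify(crossSiteVerdict(h)));
}
```

A session cookie that comes back with `sentCrossSite: false` is not attached to the follow-up request after login, so the server sees that request as unauthenticated.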