Vyhnite sa podvodom s podporou. Nikdy vás nebudeme žiadať, aby ste zavolali alebo poslali SMS na telefónne číslo alebo zdieľali osobné informácie. Nahláste prosím podozrivú aktivitu použitím voľby “Nahlásiť zneužitie”.

Ďalšie informácie
Otvorené

Is it normal that cookies with sameSite strict are not sent with a window.reload on android

Firefox pre Android Webová kompatibilita
snchmt
snchmt

When going to immich public proxy (as an example) from a link from another app, the Set-Cookie header is set but when performing the window.reload the cookies are not sent within the request.

See code : https://github.com/alangrainger/immich-public-proxy/blob/main/app/views/password.ejs#L49-L69

Reproduction steps : - have a link inside an app - click link - on site perform a request that returns a Set-Cookie header with sameSite=strict - perform a window.reload - check that cookie isn't sent

The same steps where performed on different browsers (Samsung Browser, Firefox on windows) but all of them sent the cookies allowing the authentication.

Is the behavior wanted ? From ietf it seems that is not a normal behavior : https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-same-site-00#section-2.1

When going to immich public proxy (as an example) from a link from another app, the Set-Cookie header is set but when performing the window.reload the cookies are not sent within the request. See code : https://github.com/alangrainger/immich-public-proxy/blob/main/app/views/password.ejs#L49-L69 Reproduction steps : - have a link inside an app - click link - on site perform a request that returns a Set-Cookie header with sameSite=strict - perform a window.reload - check that cookie isn't sent The same steps where performed on different browsers (Samsung Browser, Firefox on windows) but all of them sent the cookies allowing the authentication. Is the behavior wanted ? From ietf it seems that is not a normal behavior : https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-same-site-00#section-2.1

Ak chcete odpovedať na príspevky, musíte sa prihlásiť do svojho účtu. Ak ešte nemáte účet, položte novú otázku.