Azure active directory AzureAD和IOS12 SameSite Cookie无限循环
我遇到的站点cookie问题与我经常遇到的问题相同。我正在使用AzureAD,当我应用现有的修复程序时,仍然无法停止IOS12中的无限循环 我阅读并详细说明了如何将SameSiteMode设置为None。我错过了什么新东西吗 .NET核心2.1,AzureAD 这是我的创业课程:Azure active directory AzureAD和IOS12 SameSite Cookie无限循环,azure-active-directory,asp.net-core-2.1,ios12,Azure Active Directory,Asp.net Core 2.1,Ios12,我遇到的站点cookie问题与我经常遇到的问题相同。我正在使用AzureAD,当我应用现有的修复程序时,仍然无法停止IOS12中的无限循环 我阅读并详细说明了如何将SameSiteMode设置为None。我错过了什么新东西吗 .NET核心2.1,AzureAD 这是我的创业课程: public class Startup { public Startup(IConfiguration configuration) { Configuration = configu
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options))
.AddCookie(options=>options.Cookie.SameSite = SameSiteMode.None)
.Services.ConfigureExternalCookie(options =>
{
options.Cookie = new Microsoft.AspNetCore.Http.CookieBuilder()
{
SameSite = Microsoft.AspNetCore.Http.SameSiteMode.None
};
});
services.AddMvc(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
})
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseCors(builder =>
{
// cannot be set to AllowAnyOrigin, because then the response is not accepted, because the credentials are included
builder.WithOrigins("https://*.sharepoint.com")
.SetIsOriginAllowedToAllowWildcardSubdomains()
.AllowCredentials();
});
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy(new CookiePolicyOptions()
{
MinimumSameSitePolicy = SameSiteMode.None
});
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
编辑:我在同一个框中部署了另一个应用程序,它没有相同的无限循环问题。我复制了配置以匹配该应用程序,但它仍然不工作。两款新的.NET核心2.1应用程序
services.AddAuthentication(sharedOptions =>
{
sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddAzureAd(options => Configuration.Bind("AzureAd", options))
.AddCookie();
以及:
有人能帮忙吗?这似乎是微软和苹果的最新更新 iOS 13之前的iOS版本无法将“None”识别为SameSite的有效值,因此不会发送cookie。iOS 13已经修复了这一问题,但修复程序没有被后传到iOS的早期版本 这在今天意义重大,因为Chrome 80的cookies处理方式发生了变化,预计将于2020年2月4日发布。一旦发布,Chrome会将没有SameSite的cookie视为SameSite=lax,并且不会在iFrame、POST等场景中发送它们。不幸的是,在所有cookie上设置SameSite=None不会起作用,因为您在早期版本的iOS(和MacOS Safari)中发现了这个问题
app.UseAuthentication();