Net Core 3.1 iframe中没有会话


当我们将我们的应用程序(net core 3.1,带vuejs的单页应用程序)嵌入到另一个域中某个页面的iframe中时,对会话变量的请求总是空的

补充说明: 进入页面时,首先要求用户填写一个名称,然后将其存储在会话中

如果页面嵌入在同一个域(我们的网站)的某个页面上,那么这种机制可以正常工作,但是当从另一个域的iframe调用应用程序时,会话总是空的

我读了一些关于“samesite cookie”的帖子,我想这就是配置和解决这个问题的方法? 我尝试过一些解决方案和例子,但没有任何不同

这是 Startup.cs 中的代码。代码比较长,抱歉。

我已把所有 SameSite 相关设置都注释掉了。要让它正常工作,需要哪些设置?

/// <summary>
/// Registers the application's services: cookie policy, session, caching, AutoMapper,
/// the custom survey services, MVC/Razor, the MySQL-backed EF Core context, ASP.NET Core
/// Identity with roles, authentication/authorization and SignalR.
/// </summary>
/// <param name="services">The service collection the registrations are added to.</param>
public void ConfigureServices(IServiceCollection services)
    {
        // Both cookie-policy options are commented out, so this lambda changes nothing.
        services.Configure<CookiePolicyOptions>(options =>
        {
            //options.CheckConsentNeeded = context => false; // consent required
            //options.MinimumSameSitePolicy = SameSiteMode.None;
        });



        // Session cookie: 60-minute idle timeout, not readable from script (HttpOnly),
        // and marked essential so it is written even when a consent check is active.
        // NOTE(review): SameSite is not set here, so the framework default applies
        // (Lax for the session cookie in ASP.NET Core 3.1). Browsers do not send a Lax
        // cookie on requests made from inside a cross-site iframe, which matches the
        // "session is always empty when embedded on another domain" symptom.
        // NOTE(review): SameSiteMode.None only works together with the Secure attribute
        // (CookieSecurePolicy.Always over HTTPS); current browsers reject a
        // SameSite=None cookie without Secure, so the commented-out pairing with
        // CookieSecurePolicy.None below would not fix the problem.
        // NOTE(review): SameSite=None removes the browser-side cross-site request
        // protection for this cookie; state-changing endpoints then depend on
        // antiforgery tokens, and the set of sites allowed to frame the app should be
        // restricted (for example with a CSP frame-ancestors directive).
        services.AddSession(opts =>
        {
            opts.IdleTimeout = TimeSpan.FromMinutes(60);
            //opts.Cookie.Name = "livestreamsupport.session";
            opts.Cookie.HttpOnly = true;

            opts.Cookie.IsEssential = true;
            //opts.Cookie.SameSite = SameSiteMode.None; 
            //opts.Cookie.SecurePolicy = CookieSecurePolicy.None;

        });


        //Add service for accessing current HttpContext
        services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();

        services.AddMemoryCache();
        //services.AddDistributedMemoryCache();

        services.AddAutoMapper(typeof(Startup));

        //add custom services
        services.AddTransient<ISurvey, Survey>();
        services.AddTransient<IQuestion, Question>();

        //services.AddDistributedMemoryCache();
        services.AddControllersWithViews().AddRazorRuntimeCompilation();
        services.AddControllers().AddNewtonsoftJson();

        // Pooled EF Core context on MySQL 5.7.17; the connection string is read from
        // configuration ("DefaultConnection"). Failed operations are retried up to
        // 10 times with a maximum delay of 30 seconds between attempts.
        services.AddDbContextPool<ApplicationContext>(
              options => options.UseMySql(Configuration.GetConnectionString("DefaultConnection"),
              mySqlOptions =>
              {
                  mySqlOptions.ServerVersion(new Version(5, 7, 17), ServerType.MySql)
                  .EnableRetryOnFailure(
                  maxRetryCount: 10,
                  maxRetryDelay: TimeSpan.FromSeconds(30),
                  errorNumbersToAdd: null);
              })
        );

        // ASP.NET Core Identity with role support, stored through ApplicationContext.
        services.AddDefaultIdentity<User>()
            .AddRoles<IdentityRole>()
            .AddRoleManager<RoleManager<IdentityRole>>()
            .AddEntityFrameworkStores<ApplicationContext>();


        services.Configure<IdentityOptions>(options =>
        {
            // Password settings
            options.Password.RequireDigit = true;
            options.Password.RequiredLength = 8;
            options.Password.RequireNonAlphanumeric = true;
            options.Password.RequireUppercase = true;
            options.Password.RequireLowercase = true;

            // Lockout settings
            // An account is locked for 30 minutes after 10 failed access attempts.
            options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
            options.Lockout.MaxFailedAccessAttempts = 10;

            // User settings
            options.User.RequireUniqueEmail = true;
        });

        // Authenticate and challenge with the Identity application cookie; sign-in
        // defaults to the external scheme.
        services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = IdentityConstants.ApplicationScheme;
            options.DefaultChallengeScheme = IdentityConstants.ApplicationScheme;
            options.DefaultSignInScheme = IdentityConstants.ExternalScheme;
        });

        // NOTE(review): the three disabled blocks below would relax SameSite on the
        // authentication, application and antiforgery cookies. If only the session
        // value has to survive inside the cross-site iframe, keep these cookies at
        // their defaults rather than relaxing every cookie the app issues.
        //services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(options =>
        //{
        //    //options.LoginPath = new PathString("/login");
        //    options.Cookie.SameSite = SameSiteMode.None;
        //    options.Cookie.SecurePolicy = CookieSecurePolicy.None;
        //});

        services.AddAuthorization();

        //services.ConfigureApplicationCookie(options => {
        //    options.Cookie.SameSite = SameSiteMode.None;
        //    //options.LoginPath = "/Account/Login";
        //    //options.LogoutPath = "/Account/Logout";
        //    //options.AccessDeniedPath = "/Account/Login";
        //});

        //services.AddAntiforgery(opts => {
        //    opts.Cookie.SameSite = SameSiteMode.None;
        //});

        services.AddSignalR();
    }

        /// <summary>
        /// Builds the HTTP request pipeline: error handling and HSTS, routing, HTTPS
        /// redirection, default and static files, request localization, authentication,
        /// authorization, session, and the endpoint mappings.
        /// </summary>
        /// <param name="app">The application builder the middleware is added to.</param>
        /// <param name="env">The hosting environment, used to pick the error-handling mode.</param>
        /// <param name="loggerFactory">Logger factory; not used in this method.</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerFactory loggerFactory)
    {

        // Detailed exception pages only in Development; otherwise a generic error
        // page plus an HSTS header.
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }

        app.UseRouting();

        // HTTP requests are redirected to HTTPS. A session cookie marked Secure
        // (required for SameSite=None) is only sent over HTTPS.
        app.UseHttpsRedirection();

        //app.UseHttpsRedirection();
        app.UseDefaultFiles();

        // Only the en-US and en cultures are supported; en-US is the default.
        var supportedCultures = new[] { "en-US", "en" };
        var localizationOptions = new RequestLocalizationOptions().SetDefaultCulture(supportedCultures[0])
            .AddSupportedCultures(supportedCultures)
            .AddSupportedUICultures(supportedCultures);

        app.UseRequestLocalization(localizationOptions);

        app.UseStaticFiles();

        // The cookie-policy middleware is disabled, so no pipeline-wide minimum
        // SameSite policy is applied; each cookie keeps its own settings.
        //app.UseCookiePolicy(new CookiePolicyOptions
        //{
        //    MinimumSameSitePolicy = SameSiteMode.None
        //});

        app.UseAuthentication();
        app.UseAuthorization();

        //app.UseCors();

        // Session is added after authentication/authorization and before the
        // endpoints, so session state is available to the endpoint handlers.
        app.UseSession();

        app.UseEndpoints(endpoints =>
        {

            endpoints.MapRazorPages();
            endpoints.MapHub<ChatHub>("/chatHub");
            endpoints.MapControllers();

            // Make sure the default Identity routes cannot be used: the built-in login
            // path is redirected to the application's own login page. The arguments
            // (permanent: true, preserveMethod: true) produce a 308 response; the
            // synchronous redirect is wrapped in a task because the delegate returns Task.
            endpoints.MapGet("/Identity/Account/Login",context => Task.Factory.StartNew(() => context.Response.Redirect("/Account/Login", true, true)));

            //endpoints.MapDefaultControllerRoute();
            endpoints.MapControllerRoute("default", "{controller=Home}/{action=Index}/{id?}");

            // Conventional "api" route, defaulting to the survey controller's
            // getpollresults action.
            endpoints.MapControllerRoute(
                    name: "api",
                    pattern: "api/{controller}/{action}/{id?}",
                    defaults: new { controller = "survey", action = "getpollresults" });


        });

        // Make the HttpContext available in the application by exposing the root
        // service provider through a static property.
        AppHttpContext.Services = app.ApplicationServices;
    }
public void配置服务(IServiceCollection服务)
{
配置(选项=>
{
//options.checkApproveRequired=context=>false;//需要同意
//options.MinimumSameSitePolicy=SameSiteMode.None;
});
services.AddSession(opts=>
{
opts.IdleTimeout=TimeSpan.frommins(60);
//opts.Cookie.Name=“livestreamsupport.session”;
opts.Cookie.HttpOnly=true;
opts.Cookie.IsEssential=true;
//opts.Cookie.SameSite=SameSiteMode.None;
//opts.Cookie.SecurePolicy=CookieSecurePolicy.None;
});
//添加用于访问当前HttpContext的服务
services.AddSingleton();
services.AddMemoryCache();
//AddDistributedMemoryCache();
AddAutoMapper(类型(启动));
//添加自定义服务
services.AddTransient();
services.AddTransient();
//AddDistributedMemoryCache();
services.AddControllersWithViews().AddRazorRuntimeCompilation();
services.AddControllers().AddNewtonsoftJson();
services.AddDbContextPool(
options=>options.UseMySql(Configuration.GetConnectionString(“DefaultConnection”),
mySqlOptions=>
{
ServerVersion(新版本(5,7,17),ServerType.MySql)
.EnableRetryOnFailure(
最大计数:10,
maxRetryDelay:TimeSpan.FromSeconds(30),
errorNumbersToAdd:null);
})
);
services.AddDefaultIdentity()
.AddRoles()
.AddRoleManager()
.AddEntityFrameworkStores();
配置(选项=>
{
//密码设置
options.Password.RequireDigit=true;
options.Password.RequiredLength=8;
options.Password.RequireNonAlphanumeric=true;
options.Password.RequireUppercase=true;
options.Password.RequireLowercase=true;
//锁定设置
options.Lockout.DefaultLockoutTimeSpan=TimeSpan.FromMinutes(30);
options.locket.MaxFailedAccessAttempts=10;
//用户设置
options.User.RequireUniqueEmail=true;
});
services.AddAuthentication(选项=>
{
options.DefaultAuthenticateScheme=IdentityConstants.ApplicationScheme;
options.DefaultChallengeScheme=IdentityConstants.ApplicationScheme;
options.defaultsignnscheme=IdentityConstants.ExternalScheme;
});
//services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(选项=>
//{
////options.LoginPath=新路径字符串(“/login”);
//options.Cookie.SameSite=SameSiteMode.None;
//options.Cookie.SecurePolicy=CookieSecurePolicy.None;
//});
services.AddAuthorization();
//services.configureApplicationOK(选项=>{
//options.Cookie.SameSite=SameSiteMode.None;
////options.LoginPath=“/Account/Login”;
////options.LogoutPath=“/Account/Logout”;
////options.AccessDeniedPath=“/Account/Login”;
//});
//services.AddAntiforgery(选项=>{
//opts.Cookie.SameSite=SameSiteMode.None;
//});
services.AddSignalR();
}
public void配置(IApplicationBuilder应用程序、IWebHostEnvironment环境、iLogger工厂)
{
if(env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
其他的
{
app.UseExceptionHandler(“/Error”);
//默认的HSTS值为30天。您可能希望在生产场景中更改此值,请参阅https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseRouting();
app.UseHttpsRedirection();
//app.UseHttpsRedirection();
app.UseDefaultFiles();
var-supportedCultures=new[]{“en-US”,“en”};
var localizationOptions=new RequestLocalizationOptions().SetDefaultCulture(supportedCultures[0])
.AddSupportedCultures(supportedCultures)
.添加支持教育(支持文化);
app.UseRequestLocalization(localizationOptions);
app.UseStaticFiles();
//应用程序。使用CookiePolicy(新CookiePolicy选项
//{
//MinimumSameSitePolicy=SameSiteMode.None
//});
app.UseAuthentication();
app.UseAuthorization();
//app.UseCors();
app.UseSession();
app.UseEndpoints(端点=>
{
endpoints.MapRazorPages();
endpoints.MapHub(“/chatHub”);
endpoints.MapControllers();
//zorg ervoor dat geen gebruik在默认身份路由中的应用
endpoints.MapGet(“/Identity/Account/Login”,context=>Task.Factory.StartNew(()=>context.Response.Redirect(“/Account/Login”,true,true));
//e
<rewrite>
<outboundRules>
  <!-- Outbound rewrite rule set: appends "; SameSite=None;Secure=true" to Set-Cookie
       response headers that pass the "No SameSite" precondition. -->
  <!-- NOTE(review): the rule matches every Set-Cookie header (pattern ".*"), so it
       relaxes SameSite for authentication and antiforgery cookies as well as the
       session cookie. Setting SameSite per cookie in the application keeps the
       relaxation limited to the cookie that needs it. -->
  <!-- NOTE(review): the precondition only excludes headers that already contain the
       exact appended string. A cookie issued with a different SameSite value (for
       example SameSite=Lax) still matches and ends up with two SameSite attributes. -->
  <!-- NOTE(review): the standard cookie attribute is the bare flag "Secure";
       "Secure=true" is non-standard. Confirm target browsers accept it, and that the
       site is served over HTTPS only, since Secure cookies are not sent over HTTP. -->
  <clear />
  <rule name="Add SameSite" preCondition="No SameSite">
    <match serverVariable="RESPONSE_Set_Cookie" pattern=".*" negate="false" />
    <action type="Rewrite" value="{R:0}; SameSite=None;Secure=true" />
  </rule>
  <preConditions>
    <!-- Passes when the Set-Cookie header is non-empty and does not already carry the
         appended suffix (assuming the default grouping requires both inputs to match). -->
    <preCondition name="No SameSite">
                        <add input="{RESPONSE_Set_Cookie}" pattern="." />
                        <add input="{RESPONSE_Set_Cookie}" pattern="; SameSite=None;Secure=true" negate="true" />
    </preCondition>
  </preConditions>
</outboundRules>