Javascript 与位于<;的跨站点资源关联的cookie;URL>;提交表单时未设置“SameSite”属性
我在客户网站上有一个worldpay表单,如果不在safari上禁用阻止跨站点跟踪,它在iPad上就无法工作。 这似乎与跨站点cookie有关 表单如下所示:Javascript 与位于<;的跨站点资源关联的cookie;URL>;提交表单时未设置“SameSite”属性,javascript,google-chrome,safari,cross-domain,Javascript,Google Chrome,Safari,Cross Domain,我在客户网站上有一个worldpay表单,如果不在safari上禁用阻止跨站点跟踪,它在iPad上就无法工作。 这似乎与跨站点cookie有关 表单如下所示: <div class="d-none"> <form action="https://secure.worldpay.com/wcc/purchase" target="payment-iframe" method="post" id="worldpayForm"> <input ty
<div class="d-none">
<form action="https://secure.worldpay.com/wcc/purchase" target="payment-iframe" method="post" id="worldpayForm">
<input type="hidden" id="instId" name="instId">
<input type="hidden" id="cartId" name="cartId">
<input type="hidden" id="amount" name="amount">
<input type="hidden" id="currency" name="currency">
<input type="submit" id="makePayment" value="Buy This ">
</form>
</div>
<iframe name="payment-iframe" style="min-width: 760px; min-height: 450px; border: 0;"></iframe>
如果我把那行注释掉,我就不会得到chrome警告。
我在某个地方读到,你可以添加以下内容:
response.setHeader("Set-Cookie", "HttpOnly;Secure;SameSite=Strict");
但这似乎只是在谈论向其他域发出请求。我怎样才能在我的案例中应用它呢?我设法解决了这个问题。是的,我已经有了自己的cookie解决方案:
export function getCookie(name) {
var i, x, y;
const arCookies = document.cookie.split(';');
for (i = 0; i < arCookies.length; i++) {
x = arCookies[i].substr(0, arCookies[i].indexOf('='));
y = arCookies[i].substr(arCookies[i].indexOf('=') + 1);
x = x.replace(/^\s+|\s+$/g, '');
if (x === name) {
return unescape(y);
}
}
return '';
}
export function setCookie(name, value, expiresInDays) {
const expiryDate = new Date();
expiryDate.setDate(expiryDate.getDate() + expiresInDays);
const cookieValue = escape(value) + (expiresInDays === null ? '' : `; expires=${expiryDate.toUTCString()}`);
document.cookie = `${name}=${cookieValue}`;
}
export function clearCookies() {
const cookies = document.cookie.split(';');
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i];
const eqPos = cookie.indexOf('=');
const name = eqPos > -1 ? cookie.substr(0, eqPos) : cookie;
document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;`;
}
}
导出函数getCookie(名称){
变量i,x,y;
const arCookies=document.cookie.split(“;”);
对于(i=0;i-1?cookie.substr(0,eqPos):cookie;
document.cookie=`${name}=;expires=Thu,1970年1月1日00:00:00 GMT;`;
}
}
我刚刚将其更新为:
export function getCookie(name) {
var i, x, y;
const arCookies = document.cookie.split(';');
for (i = 0; i < arCookies.length; i++) {
x = arCookies[i].substr(0, arCookies[i].indexOf('='));
y = arCookies[i].substr(arCookies[i].indexOf('=') + 1);
x = x.replace(/^\s+|\s+$/g, '');
if (x === name) {
return unescape(y);
}
}
return '';
}
export function setCookie(name, value, expiresInDays) {
const expiryDate = new Date();
expiryDate.setDate(expiryDate.getDate() + expiresInDays);
const cookieValue = escape(value) + (expiresInDays === null ? '' : `; expires=${expiryDate.toUTCString()}`);
document.cookie = `${name}=${cookieValue};SameSite=Strict;secure`;
}
export function clearCookies() {
const cookies = document.cookie.split(';');
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i];
const eqPos = cookie.indexOf('=');
const name = eqPos > -1 ? cookie.substr(0, eqPos) : cookie;
document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;SameSite=Strict;secure`;
}
}
导出函数getCookie(名称){
变量i,x,y;
const arCookies=document.cookie.split(“;”);
对于(i=0;i-1?cookie.substr(0,eqPos):cookie;
document.cookie=`${name}=;expires=Thu,1970年1月1日00:00:00 GMT;SameSite=Strict;secure`;
}
}
现在一切都正常了。我设法解决了这个问题。是的,我已经有了自己的cookie解决方案:
export function getCookie(name) {
var i, x, y;
const arCookies = document.cookie.split(';');
for (i = 0; i < arCookies.length; i++) {
x = arCookies[i].substr(0, arCookies[i].indexOf('='));
y = arCookies[i].substr(arCookies[i].indexOf('=') + 1);
x = x.replace(/^\s+|\s+$/g, '');
if (x === name) {
return unescape(y);
}
}
return '';
}
export function setCookie(name, value, expiresInDays) {
const expiryDate = new Date();
expiryDate.setDate(expiryDate.getDate() + expiresInDays);
const cookieValue = escape(value) + (expiresInDays === null ? '' : `; expires=${expiryDate.toUTCString()}`);
document.cookie = `${name}=${cookieValue}`;
}
export function clearCookies() {
const cookies = document.cookie.split(';');
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i];
const eqPos = cookie.indexOf('=');
const name = eqPos > -1 ? cookie.substr(0, eqPos) : cookie;
document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;`;
}
}
导出函数getCookie(名称){
变量i,x,y;
const arCookies=document.cookie.split(“;”);
对于(i=0;i-1?cookie.substr(0,eqPos):cookie;
document.cookie=`${name}=;expires=Thu,1970年1月1日00:00:00 GMT;`;
}
}
我刚刚将其更新为:
export function getCookie(name) {
var i, x, y;
const arCookies = document.cookie.split(';');
for (i = 0; i < arCookies.length; i++) {
x = arCookies[i].substr(0, arCookies[i].indexOf('='));
y = arCookies[i].substr(arCookies[i].indexOf('=') + 1);
x = x.replace(/^\s+|\s+$/g, '');
if (x === name) {
return unescape(y);
}
}
return '';
}
export function setCookie(name, value, expiresInDays) {
const expiryDate = new Date();
expiryDate.setDate(expiryDate.getDate() + expiresInDays);
const cookieValue = escape(value) + (expiresInDays === null ? '' : `; expires=${expiryDate.toUTCString()}`);
document.cookie = `${name}=${cookieValue};SameSite=Strict;secure`;
}
export function clearCookies() {
const cookies = document.cookie.split(';');
for (let i = 0; i < cookies.length; i++) {
const cookie = cookies[i];
const eqPos = cookie.indexOf('=');
const name = eqPos > -1 ? cookie.substr(0, eqPos) : cookie;
document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;SameSite=Strict;secure`;
}
}
导出函数getCookie(名称){
变量i,x,y;
const arCookies=document.cookie.split(“;”);
对于(i=0;i-1?cookie.substr(0,eqPos):cookie;
document.cookie=`${name}=;expires=Thu,1970年1月1日00:00:00 GMT;SameSite=Strict;secure`;
}
}
现在一切正常。您能提供更多信息吗?您需要在Safari中禁用哪些选项?您知道哪个cookie受到影响吗?它是用于
worldpay.com
还是用于您的域名?您可以尝试查看,看看是否识别您的用例。更新了我的问题并添加了解决方案。您可以提供更多信息吗?您需要在Safari中禁用哪些选项?您知道哪个cookie受到影响吗?它是用于worldpay.com
还是用于您的域名?您可以尝试查看,看看是否识别您的用例。更新了我的问题并添加了解决方案