After deploying a .NET Core back-end service left by my predecessors, I carefully modified the front-end code on the server and changed the AJAX request address to localhost. Login and data requests worked normally. However, when I changed localhost to the IP address, login still succeeded and the cookie was returned, but verifying the login status (sending a request to the back end, which checks the cookie carried with it) failed. It kept returning 401. Neither the front end nor the back end of this program was written by me, so I asked the front-end developer:
Although the cookie was returned successfully, the Cookie request header was not carried in the subsequent request. It was strange, and then I discovered:
According to the prompts, the browser wanted to save the cookie, but Secure was set in Set-Cookie, so it was blocked.
Then I will remove Secure!
At the same time, samesite=none must also be modified, because samesite=none must be used in conjunction with secure. You can change the value to strict.
Strict is the strictest setting and completely prohibits sending third-party cookies when accessing across sites, regardless of the circumstances. The cookie will only be carried if the URL of the current page matches the requested target.
Settings in nginx:
proxy_cookie_flags ~ nosecure samesite=strict;
Let’s talk a little bit more
A cookie with the secure attribute is only sent over https. I am migrating from an https environment to an http environment (don't copy this backwards, unsafe approach).
The nginx configuration I set up is as follows, but adapt it to your own situation before using it:
location /rf/ {
    proxy_pass http://localhost:5001/;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Real-PORT $remote_port;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_cookie_path / /;
    proxy_set_header Cookie $http_cookie;
    # "~" is a regex that matches every cookie name: drop Secure and set
    # SameSite=Strict on all upstream cookies (needs nginx 1.19.3 or later).
    proxy_cookie_flags ~ nosecure samesite=strict;
}
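The two browser rules described above (Secure rejected over plain http, samesite=none rejected without Secure) and the effect of the proxy_cookie_flags line can be checked with a small model. This is an added example, not code from the original post; the cookie value, the 192.0.2.10 address and the function names are constructed, and treating http://localhost as trustworthy is an assumption that matches the behaviour observed above.

```python
# Added example: a simplified model of the browser rules described above.
# All cookie values and hosts here are constructed samples.
UPSTREAM = "auth=abc123; Path=/; HttpOnly; Secure; SameSite=None"

def parse_set_cookie(header):
    """Split a Set-Cookie value into ('name=value', {lowercased attribute: value})."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    attrs = {}
    for part in parts[1:]:
        key, _, value = part.partition("=")
        attrs[key.strip().lower()] = value.strip()
    return parts[0], attrs

def browser_verdict(header, scheme, host):
    """Return (stored, reason) for a Set-Cookie received from scheme://host."""
    _, attrs = parse_set_cookie(header)
    secure = "secure" in attrs
    samesite = attrs.get("samesite", "").lower()
    # Assumption: the browser treats http://localhost as trustworthy, which
    # matches the page's observation that login worked there but not via the IP.
    trustworthy = scheme == "https" or host == "localhost"
    if secure and not trustworthy:
        return False, "Secure cookie rejected on an insecure connection"
    if samesite == "none" and not secure:
        return False, "SameSite=None requires Secure"
    return True, "stored"

def rewrite_like_proxy(header):
    """Model `proxy_cookie_flags ~ nosecure samesite=strict` on one header."""
    pair, _ = parse_set_cookie(header)
    kept = [p.strip() for p in header.split(";")[1:]
            if p.strip() and p.partition("=")[0].strip().lower() not in ("secure", "samesite")]
    return "; ".join([pair] + kept + ["SameSite=Strict"])

if __name__ == "__main__":
    candidates = {
        "upstream as-is": UPSTREAM,
        "Secure removed only": UPSTREAM.replace("; Secure", ""),
        "after nginx rewrite": rewrite_like_proxy(UPSTREAM),
    }
    for label, header in candidates.items():
        print(label, "->", browser_verdict(header, "http", "192.0.2.10"))
```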