ruby on rails - How to set SameSite attribute to 'None; Secure' in Rails3.1.12 and Ruby1.9.3

Question

Welcome To Ask or Share your Answers For Others

ruby on rails - How to set SameSite attribute to 'None; Secure' in Rails3.1.12 and Ruby1.9.3

posted Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

ruby on rails - How to set SameSite attribute to 'None; Secure' in Rails3.1.12 and Ruby1.9.3

A cookie associated with a cross-site resource at https://example.com/ was set without the SameSite attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with SameSite=None and Secure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.

Please let me know how to set the SameSite cookie attribute. Thanks in advance.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-23T17:59:05+0000

In Rails 6.0 and 6.1 the same_site attribute has been added:

cookies["foo"] = {
  value: "bar",
  secure: Rails.application.config.secure_cookies,
  same_site: "None"
}

For Rails 5.x and lower, the rails_same_site_cookie gem is a good option for adding SameSite=None; to all your app's cookies. It uses middleware to do it.

Categories

ruby on rails - How to set SameSite attribute to 'None; Secure' in Rails3.1.12 and Ruby1.9.3

ruby on rails - How to set SameSite attribute to 'None; Secure' in Rails3.1.12 and Ruby1.9.3

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags