Base solution for your next web application
Open Closed

Solution for unable to log in via http in the new chrome. #9537 #9543

User avatar
0
talentra created

  1. çözüm öneriniz(https) işe yaramıyor. Biraz daha detay verebilir misiniz ?

Go to accepted answer
15 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team

    hi @serdar

    Please share the details of the problem you encountered.(engilish) : )

  • User Avatar
    0
    talentra created

    What kind of change is required to the aspnetzero code to fix this problem?

  • User Avatar
    0
    maliming created
    Support Team
  • User Avatar
    0
    talentra created

    In which project, to which file? Could you please be a clearer guide.

  • User Avatar
    0
    maliming created
    Support Team

    Hi

    You can put the SameSiteHandlingExtensions in the Web.Core layer. Call AddSameSiteCookiePolicy and UseCookiePolicy in Startup class of Web.Mvc or Web.Host

  • User Avatar
    0
    talentra created

    I think you need to improve on replying to customers. Late and short answers aren't enough for everyone. For example your latest reply is a short one. In your place I would have ussued this as a patch to make sure customers get good service.

  • User Avatar
    0
    maliming created
    Support Team

    hi

    Thanks for your suggestion! : )

  • User Avatar
    0
    talentra created

    1. Step : Create new file on '/src/xxx.Web.Mvc/Startup/SameSiteHandlingExtensions.cs'
      The Code:

    `public static class SameSiteHandlingExtensions
    {
    public static IServiceCollection AddSameSiteCookiePolicy(this IServiceCollection services)
    {
    services.Configure(options =>
    {
    options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
    options.OnAppendCookie = cookieContext =>
    CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
    options.OnDeleteCookie = cookieContext =>
    CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
    });
    return services;
    }

        private static void CheckSameSite(HttpContext httpContext, CookieOptions options)
    {
        if (options.SameSite == SameSiteMode.None)
        {
            var userAgent = httpContext.Request.Headers["User-Agent"].ToString();
            if (!httpContext.Request.IsHttps || DisallowsSameSiteNone(userAgent))
            {
                // For .NET Core < 3.1 set SameSite = (SameSiteMode)(-1)
                options.SameSite = SameSiteMode.Unspecified;
            }
        }
    }

    private static bool DisallowsSameSiteNone(string userAgent)
    {
        // Cover all iOS based browsers here. This includes:
        // - Safari on iOS 12 for iPhone, iPod Touch, iPad
        // - WkWebview on iOS 12 for iPhone, iPod Touch, iPad
        // - Chrome on iOS 12 for iPhone, iPod Touch, iPad
        // All of which are broken by SameSite=None, because they use the iOS networking stack
        if (userAgent.Contains("CPU iPhone OS 12") || userAgent.Contains("iPad; CPU OS 12"))
        {
            return true;
        }

        // Cover Mac OS X based browsers that use the Mac OS networking stack. This includes:
        // - Safari on Mac OS X.
        // This does not include:
        // - Chrome on Mac OS X
        // Because they do not use the Mac OS networking stack.
        if (userAgent.Contains("Macintosh; Intel Mac OS X 10_14") &&
            userAgent.Contains("Version/") && userAgent.Contains("Safari"))
        {
            return true;
        }

        // Cover Chrome 50-69, because some versions are broken by SameSite=None, 
        // and none in this range require it.
        // Note: this covers some pre-Chromium Edge versions, 
        // but pre-Chromium Edge does not require SameSite=None.
        if (userAgent.Contains("Chrome/5") || userAgent.Contains("Chrome/6"))
        {
            return true;
        }

        return false;
    }
}`

    1. Step : Change (add) '/src/xxx.Web.Mvc/Startup/Startup.cs' like this :

    2020-08-26_16-02-23.jpg

  • User Avatar
    0
    fncoph created

    Hi,
    I have done the same direction above, and login functionality is still elusive. Any other setup we need to do to get this through?

  • User Avatar
    0
    alharethi created

    Same here. I have not been able to login at all on v8.7.0. Are the latest versions working, meaning did you incorporate the SameSite fix into them? If I have to upgrade, I will have to.

  • User Avatar
    0
    talentra created

    2020-08-30_12-18-49.jpg

    Can you try this :

    2020-08-30_12-17-41.jpg

  • User Avatar
    0
    fncoph created

    Hi @serdar,
    Thank you so much for your response.
    I have modified the same as you have provided, but to no effect. Here is my current setup:
    image.png

  • User Avatar
    0
    talentra created

    sory @fncoph...my fault...

    this is my commit: (It will happen when you do these.)

    2020-08-30_20-37-03.jpg

  • User Avatar
    0
    maliming created
    Support Team
  • User Avatar
    0
    fncoph created

    Hi,
    Thank you so much for the reply.
    I have followed as you instructed.
    SameSiteHandlingExtension.cs
    image.png

    Web.Mvc
    image.png

    Web.Host
    image.png

    I even tried commenting the env.IsDevelopment condition as per @serdar said, but to no avail.
    I am not really sure what to do at this point as we cannot start anything without resolving it first.
    Thank you very much.

Assignee
No one
Labels
None yet