15 Answer(s)
-
0
hi @serdar
Please share the details of the problem you encountered.(engilish) : )
-
0
What kind of change is required to the aspnetzero code to fix this problem?
-
0
hi
You need copy the following code to the zero.
https://github.com/IdentityServer/IdentityServer4/blob/main/src/IdentityServer4/host/Extensions/SameSiteHandlingExtensions.cs https://github.com/IdentityServer/IdentityServer4/blob/main/src/IdentityServer4/host/Startup.cs#L43 https://github.com/IdentityServer/IdentityServer4/blob/main/src/IdentityServer4/host/Startup.cs#L113
-
0
In which project, to which file? Could you please be a clearer guide.
-
0
Hi
You can put the
SameSiteHandlingExtensionsin theWeb.Corelayer. CallAddSameSiteCookiePolicyandUseCookiePolicyinStartupclass ofWeb.MvcorWeb.Host -
0
I think you need to improve on replying to customers. Late and short answers aren't enough for everyone. For example your latest reply is a short one. In your place I would have ussued this as a patch to make sure customers get good service.
-
0
hi
Thanks for your suggestion! : )
-
0
- Step : Create new file on '/src/xxx.Web.Mvc/Startup/SameSiteHandlingExtensions.cs' The Code:
`public static class SameSiteHandlingExtensions { public static IServiceCollection AddSameSiteCookiePolicy(this IServiceCollection services) { services.Configure
private static void CheckSameSite(HttpContext httpContext, CookieOptions options) { if (options.SameSite == SameSiteMode.None) { var userAgent = httpContext.Request.Headers["User-Agent"].ToString(); if (!httpContext.Request.IsHttps || DisallowsSameSiteNone(userAgent)) { // For .NET Core < 3.1 set SameSite = (SameSiteMode)(-1) options.SameSite = SameSiteMode.Unspecified; } } } private static bool DisallowsSameSiteNone(string userAgent) { // Cover all iOS based browsers here. This includes: // - Safari on iOS 12 for iPhone, iPod Touch, iPad // - WkWebview on iOS 12 for iPhone, iPod Touch, iPad // - Chrome on iOS 12 for iPhone, iPod Touch, iPad // All of which are broken by SameSite=None, because they use the iOS networking stack if (userAgent.Contains("CPU iPhone OS 12") || userAgent.Contains("iPad; CPU OS 12")) { return true; } // Cover Mac OS X based browsers that use the Mac OS networking stack. This includes: // - Safari on Mac OS X. // This does not include: // - Chrome on Mac OS X // Because they do not use the Mac OS networking stack. if (userAgent.Contains("Macintosh; Intel Mac OS X 10_14") && userAgent.Contains("Version/") && userAgent.Contains("Safari")) { return true; } // Cover Chrome 50-69, because some versions are broken by SameSite=None, // and none in this range require it. // Note: this covers some pre-Chromium Edge versions, // but pre-Chromium Edge does not require SameSite=None. if (userAgent.Contains("Chrome/5") || userAgent.Contains("Chrome/6")) { return true; } return false; } }`- Step : Change (add) '/src/xxx.Web.Mvc/Startup/Startup.cs' like this :
-
0
Hi, I have done the same direction above, and login functionality is still elusive. Any other setup we need to do to get this through?
-
0
Same here. I have not been able to login at all on v8.7.0. Are the latest versions working, meaning did you incorporate the SameSite fix into them? If I have to upgrade, I will have to.
-
0
Can you try this :
-
0
Hi @serdar, Thank you so much for your response. I have modified the same as you have provided, but to no effect. Here is my current setup:
-
0
sory @fncoph...my fault...
this is my commit: (It will happen when you do these.)
-
0
I commit some example code. https://github.com/aspnetzero/aspnet-zero-core/commit/74b139eb0d8edd8658888189471cd3a192891779
-
0
Hi, Thank you so much for the reply. I have followed as you instructed. SameSiteHandlingExtension.cs
Web.Mvc
Web.Host
I even tried commenting the env.IsDevelopment condition as per @serdar said, but to no avail. I am not really sure what to do at this point as we cannot start anything without resolving it first. Thank you very much.
