Home >Operation and Maintenance >Nginx >How to configure nginx client to save cookies
After deploying a dotnet core background service left by predecessors, I carefully modified the front-end code on the server and changed the ajax request address to localhost. Login and request data are normal. However, I changed the localhost to the IP address and found that the login was normal and the cookie was returned. However, when verifying the login status (sending a request to the background and verifying the cookie carried), an error was reported. It kept 401
. The front-end and back-end of this program The end was not written by me, so I asked the front-end developer:
#Although the cookie was returned successfully, the cookie request header was not carried in the subsequent request. It was strange, and then I discovered:
According to the prompts, the browser wanted to save the cookie, but Secure was set in Set-Cookie, so it was blocked.
Then I will remove Secure!
At the same time, samesite=none must also be modified, because samesite=none must be used in conjunction with secure. You can change the value to strict
Strict rules are the strictest and completely prohibit the sending of third-party cookies. Regardless of the circumstances when accessing across sites. The cookie will only be carried if the URL of the current page matches the requested target.
Settings in nginx:
proxy_cookie_flags ~ nosecure samesite=strict;
Let’s talk a little bit more
The cookie attribute secure can only be accessed under https. I am migrating from https environment to http environment ( Don’t learn this reverse unsafe method).
The nginx I set up is as follows, but the actual use should also be considered for the specific situation:
location /rf/ { proxy_pass http://localhost:5001/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-PORT $remote_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_cookie_path / /; proxy_set_header Cookie $http_cookie; proxy_cookie_flags ~ nosecure samesite=strict; }
The above is the detailed content of How to configure nginx client to save cookies. For more information, please follow other related articles on the PHP Chinese website!