Home >Operation and Maintenance >Nginx >How to configure nginx client to save cookies

How to configure nginx client to save cookies

WBOY
WBOYforward
2023-05-28 17:25:251705browse

Question

After deploying a dotnet core background service left by predecessors, I carefully modified the front-end code on the server and changed the ajax request address to localhost. Login and request data are normal. However, I changed the localhost to the IP address and found that the login was normal and the cookie was returned. However, when verifying the login status (sending a request to the background and verifying the cookie carried), an error was reported. It kept 401

. The front-end and back-end of this program The end was not written by me, so I asked the front-end developer:

How to configure nginx client to save cookies

#Although the cookie was returned successfully, the cookie request header was not carried in the subsequent request. It was strange, and then I discovered:

How to configure nginx client to save cookies

According to the prompts, the browser wanted to save the cookie, but Secure was set in Set-Cookie, so it was blocked.

How to configure nginx client to save cookies

Solution

Then I will remove Secure!
At the same time, samesite=none must also be modified, because samesite=none must be used in conjunction with secure. You can change the value to strict

Strict rules are the strictest and completely prohibit the sending of third-party cookies. Regardless of the circumstances when accessing across sites. The cookie will only be carried if the URL of the current page matches the requested target.

Settings in nginx:

proxy_cookie_flags ~ nosecure samesite=strict;

Let’s talk a little bit more

The cookie attribute secure can only be accessed under https. I am migrating from https environment to http environment ( Don’t learn this reverse unsafe method).

The nginx I set up is as follows, but the actual use should also be considered for the specific situation:

 	location /rf/ {
        proxy_pass  http://localhost:5001/;
	    proxy_set_header Host $host;
	    proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Real-PORT $remote_port;
      
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

	    proxy_cookie_path  / /;
	    proxy_set_header   Cookie $http_cookie;
 	    proxy_cookie_flags ~ nosecure samesite=strict;
   }

The above is the detailed content of How to configure nginx client to save cookies. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:yisu.com. If there is any infringement, please contact admin@php.cn delete