Nginx configuration solves Chrome browser SameSite cross-domain problem
Recently I have repeatedly run into cross-domain problems with Chrome while jointly debugging interfaces. The fix usually went smoothly, but then a customer insisted on using Chrome 63. I struggled with it for a long time without finding a good solution. In the end I could only use nginx to identify the Chrome browser version and decide which cookie value to return.
Reference link: Chrome has modified the cookie security policy.
Reference link: Set the HttpOnly Secure SameSite parameter through Nginx to solve the cross-domain loss of cookies.
Reference link: About the problem of iframe cross-domain cookie loss under IE.
Reference link: nginx cross-domain configuration.
Reference link: Module ngx_http_map_module.
Reference link: nginx common regular matching symbol representation.
1. Environment
Browser Firefox, Chrome 63, Chrome 92
2. Nginx configuration
- Define map
Add a map definition under http in the nginx.conf configuration file. It checks $http_user_agent for a Chrome version in the 80, 90, 100 or 110 series (100 and 110 are prepared for future Chrome versions).
map $http_user_agent $samesite_attr {
    # "~*" is a case-insensitive regex match; each alternative is a version prefix
    "~*((chrome/8)|(chrome/9)|(chrome/10)|(chrome/11))" '/; httponly; secure; SameSite=None';
    # every other User-Agent (Firefox, Chrome 63, ...) keeps the plain path
    default '/';
}
- Configure SameSite for the Chrome browser in Nginx
Add a proxy_cookie_path directive in the location block that references $samesite_attr:
proxy_cookie_path / "$samesite_attr";
- Configure IE browser cross-domain
Add a P3P header in the location block:
#add_header P3P 'policyref="/w3c/p3p.xml", CP="NOI DSP PSAa OUR BUS IND ONL UNI COM NAV INT LOC"';
add_header P3P 'CAO PSA OUR';
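To see which browsers the map and proxy_cookie_path lines above actually affect, the following added Python sketch (not part of the original post and not nginx's own code) mirrors the map regex and approximates the prefix replacement that proxy_cookie_path performs on the Path attribute. The User-Agent strings, cookie values and function names are constructed for the example.

```python
import re

# Same pattern and values as the map above; nginx "~*" is a case-insensitive regex.
UA_RE = re.compile(r"((chrome/8)|(chrome/9)|(chrome/10)|(chrome/11))", re.IGNORECASE)
MATCHED = "/; httponly; secure; SameSite=None"
DEFAULT = "/"

def samesite_attr(user_agent):
    """Value the map assigns to $samesite_attr for this User-Agent."""
    return MATCHED if UA_RE.search(user_agent) else DEFAULT

def rewrite_set_cookie(set_cookie, user_agent):
    """Approximate `proxy_cookie_path / "$samesite_attr";`: the leading "/" of the
    Path attribute is replaced by the map value; a cookie without Path is untouched."""
    m = re.search(r"(?i)(path=)/", set_cookie)
    if not m:
        return set_cookie
    return set_cookie[:m.end(1)] + samesite_attr(user_agent) + set_cookie[m.end():]

# Constructed User-Agent strings covering the browsers listed under "Environment",
# plus a Chrome 120 string that falls outside the version prefixes in the map.
SAMPLE_UAS = {
    "chrome63": "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 Chrome/63.0.3239.132 Safari/537.36",
    "chrome92": "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 Chrome/92.0.4515.107 Safari/537.36",
    "chrome120": "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 Chrome/120.0.0.0 Safari/537.36",
    "firefox": "Mozilla/5.0 (Windows NT 10.0; rv:90.0) Gecko/20100101 Firefox/90.0",
}

if __name__ == "__main__":
    cookie = "JSESSIONID=abc123; Path=/"  # constructed upstream Set-Cookie value
    for name, ua in SAMPLE_UAS.items():
        print(f"{name:10} {rewrite_set_cookie(cookie, ua)}")
    # Only the leading "/" is replaced, so a deeper path ends up after the attributes.
    print(rewrite_set_cookie("sid=1; Path=/app", SAMPLE_UAS["chrome92"]))
    # No Path attribute: nothing to rewrite, so no SameSite=None is added.
    print(rewrite_set_cookie("sid=1", SAMPLE_UAS["chrome92"]))
```

The last two cases show that the approach relies on the upstream setting cookies with exactly Path=/; other paths get mangled and path-less cookies receive no SameSite attribute.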