Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support Changing Session cookie - samesite v4.6.1
Changing Session cookie - samesite v4.6.1
  • Offline codeus
    PHP on the beach
  • **
  • Posts: 25
    Threads: 10
    Joined: Feb 2020
    Reputation: 0
#1
Today, 01:07 AM
(This post was last modified: Today, 01:19 AM by codeus.)

Hi all,
Using v4.6.1 - in app/Config/Cookie.php - after changing samesite setting to 'None'

PHP Code:
    public string $samesite 'None'

Console error is:
Quote:Cookie “pm_id” has been rejected because it is in a cross-site context ...

Still get cross-site errors. I'm doing this for testing, connecting to the remote CI4 server from localhost on local machine.

I've tried using Cookie helper to no avail-:
PHP Code:
helper('cookie');
 set_cookie('session_id'''3600'',''truetrue'None'); 

Is it possible to force samesite to 'None' for the CI session cookie?

Many thanks,
Mike
Reply
  • Offline paulbalandan
    CodeIgniter Team | Auditor
  • Posts: 312
    Threads: 10
    Joined: Jul 2020
    Reputation: 27
#2
7 hours ago

Just to confirm, are you the one setting up the cookie named "pm_id"? From your example, it seems the name is "session_id".
Reply
  • Offline codeus
    PHP on the beach
  • **
  • Posts: 25
    Threads: 10
    Joined: Feb 2020
    Reputation: 0
#3
25 minutes ago
(This post was last modified: 23 minutes ago by codeus.)

(1 hour ago)codeus Wrote:
(7 hours ago)paulbalandan Wrote: Just to confirm, are you the one setting up the cookie named "pm_id"? From your example, it seems the name is "session_id".


Confirmed: whether using 'session_id', or 'pm_id', the issue remains the same.

I believe this is a bug. Any setting in Cookie $samesite appears to be overridden by the default Lax setting.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB