Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Development CodeIgniter 3.x iframe cookie blocked samesite policy
iframe cookie blocked samesite policy
  • Offline loxi_kal
    Newbie
  • *
  • Posts: 4
    Threads: 3
    Joined: May 2020
    Reputation: 0
#1
08-03-2020, 06:12 AM
(This post was last modified: 08-03-2020, 08:07 AM by jreklund.)

Since version 84 of chrome, linkedin content iframes are totally blocked and chrome displays the following message :

A cookie associated with a cross-site resource at http://google.com/ was set without the SameSite attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with SameSite=None and Secure.

I did a lot of research but I still can't find how I can set up my Content-Security-Policy and my headers exactly so that they accept iframes feeds from linkedin on CI 3.14.

I tried an ini_set in the config.php : 


Code:
ini_set('session.cookie_samesite', 'None');
ini_set('session.cookie_secure', TRUE);

I tried to modify the headers : 


Code:
$this->output->set_header("Content-Security-Policy", "default-src 'self' *.linkedin.com");

But nothing work at all ... How i can modify my headers, for accept the linkedin feeds iframe as 1-2 weeks ago ?

Thanks a lot by advance
Reply


Messages In This Thread
iframe cookie blocked samesite policy - by loxi_kal - 08-03-2020, 06:12 AM



Theme © iAndrew 2016 - Forum software by © MyBB