Unable to log in after Google browser upgrade

Be this problem toss about for a long time, say a solution first!

1. Ensure that the IP address and interface address of the system belong to the same domain name and port number. That is, cross-domain problems do not exist

2. Use token authentication instead of cookies

Cause: The reason why you cannot log in after the Google Browser upgrade is that the browser restricts the use of third-party cookies to shield the CSRF vulnerability. The authentication method of our current system is that the back end will set a setCookie when entering the system for the first time. After successful login, all interfaces will verify according to whether the cookie value in the response header is the same as the setCookie value. It happens that the system is a cross-domain request (that is, the domain name and port number of IP address and interface address are different). So you have login and then you jump back to the login page.

Before version 90, it was possible to temporarily fix this problem by setting the browser, but after version 90, it was completely disabled in Google Browser. This indicates that cookie authentication is being phased out in the future.

If you develop a system before, it is recommended to use token authentication, rather than cookies, after all, no one can guarantee cross-domain.

Unable to log in after Google browser upgrade

1. Ensure that the IP address and interface address of the system belong to the same domain name and port number. That is, cross-domain problems do not exist

2. Use token authentication instead of cookies

Related Posts

Js Event delegate (event agent)

This is definitely the most explicit -NodeJS module system

Egret Engine 101 (Egret)