Session is empty when link is opened from another tab with Laravel - php

The title may not be 100% clear, but I have an issue to which I cannot find a solution... Let me (try to) explain:
I have a Laravel application (v5.5) and when I sign in, everything works fine. I can open a new tab, and my session is found so I do not need to sign in again, which is perfectly normal.
Except (!!!) when I click on a link (e.g. from an email) from another tab: when I do this, I need to sign in.
It seems that the session data is completely empty and cannot be retrieved through the cookie. But if I open a new tab and try accessing the url by doing a simple copy/paste in the browser, I'm successfully logged in.
Moreover, after asking for my login/password after clicking the link from the other tab, the application does not redirect me to the queried URL as it's supposed to, but rather redirects me to the home page.
Has anyone faced this issue? And maybe successfully solved it?
Thanks !

I've found out what was wrong: I had configured the "same_site" option to "strict" instead of "lax"... It works fine now!
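
Why "strict" dropped the session in this case, as an added example that is not part of the original posts: a simplified JavaScript model of the browser's SameSite check. The hostnames, scenario objects and function names are assumptions made for the illustration, and the e-mail link is assumed to be clicked in a webmail page on a different site.

```javascript
// Simplified model of the browser's SameSite decision (added illustration).
// Real browsers compute the "site" with the Public Suffix List; this sketch
// uses the last two host labels, which is only right for names like example.com.
const site = (url) => {
  const u = new URL(url);
  return u.protocol + '//' + u.hostname.split('.').slice(-2).join('.');
};

const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS', 'TRACE']);

// request: { url, method, initiator, topLevel }
//   initiator: URL of the page that triggered the request, or null when the
//              user typed or pasted the URL, or used a bookmark.
//   topLevel:  true when the request changes the URL in the address bar.
function cookieIsSent(sameSite, request) {
  const crossSite =
    request.initiator !== null && site(request.initiator) !== site(request.url);
  if (!crossSite) return true;            // same-site request: always attached
  switch (sameSite.toLowerCase()) {
    case 'none':   return true;           // current browsers also require Secure
    case 'lax':    return request.topLevel && SAFE_METHODS.has(request.method);
    case 'strict': return false;          // never attached to cross-site requests
    default: throw new Error('unknown SameSite value: ' + sameSite);
  }
}

// Constructed scenarios matching the question (hostnames are placeholders).
const scenarios = {
  linkFromWebmail: { url: 'https://app.example.com/orders/42', method: 'GET',
                     initiator: 'https://mail.example.net/inbox', topLevel: true },
  pastedUrl:       { url: 'https://app.example.com/orders/42', method: 'GET',
                     initiator: null, topLevel: true },
  crossSitePost:   { url: 'https://app.example.com/orders/42/delete', method: 'POST',
                     initiator: 'https://mail.example.net/inbox', topLevel: true },
};

// Returns { scenarioName: true|false } for one SameSite setting.
function report(sameSite) {
  return Object.fromEntries(
    Object.entries(scenarios).map(([name, req]) => [name, cookieIsSent(sameSite, req)]));
}

console.log('strict', report('strict'));
console.log('lax   ', report('lax'));
```

With "lax" the session cookie accompanies the clicked link, while the cross-site POST still arrives without it, which is the CSRF protection the attribute is meant to keep.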

Related

Why after posting from Curl does the page only display correctly in Incognito mode?

This is a really interesting problem related to cookies, I believe.
My index.php has a form, and it posts to post.php. post.php then manipulates the data and uses curl to then post it to webinarjam.net, a 3rd-party service not controlled by me.
webinarjam.net then displays a short success message that basically just contains a unique URL. The unique URL is to a thank-you page (hosted by webinarjam.net).
This all works beautifully. But here is the problem:
Clicking the URL only works in Incognito mode (?!) (i.e. clearing browser cookies first). Otherwise, webinarjam.net simply displays "Internal Server Error".
I have no idea why the presence of cookies would PREVENT a page from displaying.
How could I change my post.php such that the unique thank-you page URL will display correctly even without using Incognito mode of the browser?
Figuring this out would enable me to simply automatically redirect the user to that thank-you page URL upon form submission. (Currently, redirecting would just bring her to a page that says "Internal Server Error".)
P.S. In case this helps, I've also used the Advanced Rest Client extension within Chrome to try to post the same query data to webinarjam.net; the resulting unique thank-you page URL is then able to be displayed without using Incognito mode. So... what I need help figuring out is: what difference exists between the way my post.php and the Advanced Rest Client extension are posting to webinarjam.net?

I finally noticed that it wasn't just Incognito mode that worked; it was any browser OTHER than my main one.
And I eventually figured out that it was because my main browser was logged into the EverWebinar site.
I guess EverWebinar barfs (fails) whenever a logged-in admin of a webinar submits a form to sign up for that webinar (even using a different email address).
It seems like upon form submission, the system notices the session/cookies of the logged-in admin, and it says "no matter what, someone who owns this webinar shouldn't be signing up for it."

Problems logging into Magento Admin

Occasionally I run into a problem logging into the Magento admin panel. The username and password I enter are correct and the URL in the browser window tells me that I have logged in correctly (i.e. I see domain.com/index.php/admin/areallylongstring), however the login window is displayed again. No error message telling me that the login details are incorrect is displayed; I am just routed back to the login window. Has anyone come across this before and can anyone please suggest a solution?
Thanks!

Try starting a private browser session and see if you can log in; if so, clear your cookies for the website and you should be able to log in.
I occasionally get this problem; next time I get it I will dig into the code with my debugger to see what is actually going on.

This problem arises due to multiple reasons, and the cheapest solution for this is to comment out the following lines in one of the core files of Magento.
FILE: app/code/core/Mage/Core/Model/Session/Abstract/Varien.php
// set session cookie params
session_set_cookie_params(
$this->getCookie()->getLifetime(),
$this->getCookie()->getPath()//,
// depending on which version of Mage you are using, you may comment these out as well
//$this->getCookie()->getDomain(),
//$this->getCookie()->isSecure(),
//$this->getCookie()->getHttponly()
);
Find the above code in that file and then comment out those three cookies as shown above.
But as I said, it is the cheapest and easiest solution that you can go with. For more information, check out this link

Cookie issue on google chrome

I encounter a cookie issue with my website.
When a customer clicks on "remember me" before logging in, a cookie is created, and then when he leaves and comes back later, he is automatically logged in again.
It works on Firefox/IE & co., but not on Chrome...
I have written a little script to test cookie creation on Chrome. Here it is:
<?php
if( isset($_GET['test']) ) setcookie('TESTSOMECOOKIE',1234,time()+60*60*24*365);
?>
It can't be simpler!
When I run the script:
The cookie is created properly.
If I close the tab and open a new one (without passing the test param), the cookie still exists.
If I close Google Chrome and re-open it, and go to the test script (without passing the test param), the cookie is not present anymore... and if I do that on Firefox or IE, no problem, the cookie is still present in all cases.
I'm trying this on a web server (not a local IP address).
I have NOT activated private navigation on Chrome.
Cookies are enabled and work, like on Gmail/Facebook, etc... Chrome keeps the cookies for these sites!
I already checked other issues posted on the web but no real answers about that...
So, this is a very weird issue that I would like to solve if possible.
If anyone has an idea...
Thank you very much for your suggestions and sorry for my English.

Try to see if "Keep local data only until I quit my browser" is checked.
It's located in Settings > Content Settings > Cookies.
See if that helps.

Facebook Connect blank page

I have a strange problem with Facebook Connect on one of my sites. It was working perfectly before this morning. I've checked all recent changes, and nothing seems to be related with this issue.
Note: I'm using FBML, and deleting cookies for my site and for Facebook with each test.
When I click the Facebook Connect Button, the login form appears correctly. The blank page occurs when Facebook checks the permissions at this URL:
https://www.facebook.com/dialog/permissions.request?[list of params...]
I have no Javascript errors, and no HTML is returned.
I tried to set the wanted permissions to perms="email" only, in case the permissions changed in the past days, but I have the same problem.
Does anyone have a clue about this situation?

We were already scheduled to remove all FBML tags on this site, and replacing them with JS corrected the issue we had!
So the Facebook Connect using FBML seems no longer supported, even if it's supposed to be.

How to retrieve Facebook cookies with cross-domain and Safari

I've been working on this problem all day long, so I really need your help.
I'm trying to create a multi-site login system with Facebook Connect and unfortunately I can't retrieve cookies.
Here are a few more details:
I have a website (www.first.com) which has an iframe to www.second.com, which displays the Facebook Connect button. I have to use this method because a Facebook App is only valid for 1 website, and I will need to use it on multiple.
When the user clicks on the button and logs into Facebook, he is redirected to www.second.com, which saves values in a database, which are later retrieved on www.first.com
Everything is working fine in Firefox, IE 8/7 works fine too since I've added the P3P header.
The problem is that I can't make it work on Safari, which requires some kind of interaction from this user to the iframe.
I found some code ( http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari/ ) but I'm not sure how to use it; I've tried every possible way (I think), and nothing. I guess it doesn't work because I would need to use this on Facebook's server (which I can obviously ;) )
Does anyone have an idea?
Sorry for the huge block of text ;) let me know if you need more information.

Cross-domain cookies sound like a security bug.
Are you sure you aren't violating the same-origin policy?
In fact, AFAIK, you can't access cookies for first.com from second.com
