samesite-examples icon indicating copy to clipboard operation
samesite-examples copied to clipboard
verified publisher icon GoogleChromeLabs

[Question] Cross-site cookie between HTTP and HTTPS?

Open Ezyhoo opened this issue 5 years ago • 2 comments

The frontend of my website hosted on the surge.sh, which uses HTTP. The backend of my website hosted on Heroku, which uses HTTPS.

The website was working fine a few months ago.

Now, the server could not read the cookie from the request anymore. By investigating, I believe the samesite and secure cookie policy disable this pattern.

Is this the issue? If yes, any workaround or recommendation?

Ezyhoo avatar Oct 17 '20 05:10 Ezyhoo

I am also having the same problem, Did you get the answer?

pvrahul271199 avatar Dec 20 '20 19:12 pvrahul271199

I am also having the same problem, Did you get the answer?

Using cookie attributes sameSite (None) and secure (true) should resolve the issue.

Ezyhoo avatar Dec 20 '20 22:12 Ezyhoo