After updating the chrome to 80 (Version 80.0.3987.149 (64-bit)) recently and clearing cookies of the browser we are seeing below issue in our ASP.Net MVC application.
Session/Cookies are resetting to blank when redirecting to other page. Application is embedded in a iFrame.
I have tried setting Same site to "None" in web.config in below ways but none of them worked -
<sessionState cookieSameSite="None" timeout="60" />
<httpCookies sameSite="None" />
Also installed URL rewrite to override set cookie on IIS -
<rewrite>
<outboundRules>
<rule name="AddSameSiteCookieFlag">
<match serverVariable="RESPONSE_Set-Cookie" pattern="^(.*)(CFID|CFTOKEN|JSESSIONID|ASP.NET_SessionId)(=.*)$" />
<action type="Rewrite" value="{R:0};SameSite=None" />
</rule>
</outboundRules>
</rewrite>
Any help please...
Thanks in advance.
I had a similar issue and after doing a lot of research. It is solved by adding a requireSSL
attribute in <sessionState>
<httpCookies sameSite="None" requireSSL="true" />
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.