3rd party cookies alternative for chat plugin
Question
I have a chat plugin which in some cases is intended to work cross-domain (ie the app is installed on a.com while the plugin is used on b.com ). In order to authenticate users the app relies on a third-party cookie. This poses a problem due to the decision of modern browsers to opt completely out from using 3rd party cookies for security reasons.
I want to find a viable workaround to this issue and possible alternatives to 3rd party cookies.
1 answers
solution1
0 2021-11-30 11:32:12
If b.com wants to know which user is logged on a.com , it should make ajax call to a.com including the credentials :
fetch('https://a.com/api/v1/users/current', {mode: 'cors', credentials: 'include'})
.then(response => response.json())
.then(data => console.log(data));
On a.com you have to create the API endpoint /api/v1/users/current that will send the user data in JSON for currently logged in user. For better security it should respond only if the origin is b.com .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.