wordpress - 控制台错误如何设置 SameSite 属性
问题描述
我在控制台中收到以下消息。我该如何解决这些问题?
A cookie associated with a cross-site resource at http://widgets.wp.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
A cookie associated with a cross-site resource at http://wp.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
A cookie associated with a cross-site resource at http://cloudflare.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
A cookie associated with a cross-site resource at http://www.facebook.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
A cookie associated with a cross-site resource at https://facebook.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
A cookie associated with a cross-site resource at http://wordpress.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
A cookie associated with a cross-site resource at https://wordpress.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
A cookie associated with a cross-site resource at http://support.wordpress.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
A cookie associated with a cross-site resource at https://public-api.wordpress.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
A cookie associated with a cross-site resource at http://public-api.wordpress.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
解决方案
这只是关于即将到来的更新/更改的警告消息,Chrome 会传播有关它的信息。与当前站点的域匹配的 cookie 称为第一方 cookie。来自当前域以外的域的 cookie 称为第三方 cookie。
CSRF 攻击:cookie 附加到任何请求。例如,如果您访问 bad.domain.com,则来自该域的 cookie 可以触发对 your-site.domain.com 的请求。您的浏览器会很乐意附加相关的 cookie。如果您的网站没有验证这些请求,那么 bad.domain.com 的 cookie 可能会推出一些操作,例如添加内容甚至更多具有您登录用户权限的内容。
我认为您对此无能为力,因为 cookie 是由这些网站设置的。
问候汤姆
推荐阅读
- spring-cloud-dataflow - Spring Cloud Dataflow 任务执行在后续运行中失败
- javascript - 导出/要求不适用于 Node.JS 文件
- web-scraping - 错误:页面崩溃!在 Page._onTargetCrashed PUPPETEER
- javascript - 如果它们具有相同的键,我如何合并对象值?
- xamarin - 如何使用 Xamarin.Essentials WebAuthenticator 中的 access_token?
- linux - 美元有什么好处?在 bash
- ruby-on-rails - 从 Rails 6 应用程序中完全删除 /assets 目录
- c++ - 如何在 luabind (lua, c++) 中使用 boost::any 类型?
- java - 尝试在 Burp 中导入插件时出现 ClassNotFoundException
- python - 执行用户告诉它不工作的次数的程序