safari
jedifa, 2021-09-11 23:42:02

What if cookies in Safari are only saved after disabling "prevent cross-tracking" in settings?

Please tell me: after authorization on the client, cookies with tokens should be saved, but they are saved only if you turn off "prevent cross-tracking" in the Safari settings. Even then, for some reason they are still not visible in the cookies tab, although on the site you can see that it is authorized. This is how I set cookies on the server:
response.cookie("access", accessToken, {httpOnly: true, sameSite: 'none', secure: true});

I think it might be due to sameSite: none, but if sameSite is not set to none, then cookies are not stored at all in any browser.
What to do?
The client and server are hosted on Heroku.
[client].herokuapp.com
[server].herokuapp.com
Please reply what to do


1 answer(s)
Rsa97, 2021-09-12
@Rsa97

Your sites are considered different because herokuapp.com is on the Public Suffix List.
The bug in Safari has been around for a long time: https://developer.apple.com/forums/thread/658688
The most reliable way is to refuse cookies and pass the token in the data or a separate request header.
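
Why the two apps count as different sites, as an added example (not part of the original answer): a site is the public suffix plus one label, so with herokuapp.com on the Public Suffix List every app under it is its own site. The host names and the short suffix list below are constructed for illustration, and the function names are hypothetical; a real check would load the full list.

```javascript
// Constructed excerpt of Public Suffix List rules (the real list is far longer).
// "herokuapp.com" is a private-section entry; "com", "uk", "co.uk" are ICANN suffixes.
const PSL_EXCERPT = new Set(["com", "uk", "co.uk", "herokuapp.com"]);

// Registrable domain = longest matching public suffix plus one more label.
// Returns null when the host is itself a public suffix.
function registrableDomain(hostname) {
  const labels = hostname.toLowerCase().replace(/\.$/, "").split(".");
  // Scan from the full name downwards so the longest suffix wins.
  for (let i = 0; i < labels.length; i++) {
    if (PSL_EXCERPT.has(labels.slice(i).join("."))) {
      return i === 0 ? null : labels.slice(i - 1).join(".");
    }
  }
  // Default PSL rule "*": treat the last label as the suffix.
  return labels.length >= 2 ? labels.slice(-2).join(".") : null;
}

// Classify a request made by a page (host comparison only; scheme is ignored here).
function cookieContext(pageUrl, requestUrl) {
  const page = registrableDomain(new URL(pageUrl).hostname);
  const target = registrableDomain(new URL(requestUrl).hostname);
  // Cross-site means the cookie is third-party: it needs SameSite=None; Secure,
  // and it is what Safari's cross-site tracking prevention applies to.
  return page !== null && page === target ? "same-site" : "cross-site";
}

// Constructed host names standing in for [client] and [server] from the question.
console.log(cookieContext("https://client-app.herokuapp.com/",
                          "https://server-app.herokuapp.com/login")); // cross-site
// Same layout under a domain that is not a public suffix.
console.log(cookieContext("https://app.example.com/",
                          "https://api.example.com/login"));          // same-site
```

Under a custom domain that is not itself a public suffix, the same client and API layout is same-site, which is the second case printed above.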
