How to make csrf and cookies work inside of an iframe?

davit_sargsyan · 3. Dezember 2020 um 12:04

I will be having my website running in an iframe in a different website. When I do so the csrf token is not generated as the cookies are not being set.

I checked the source codes and saw that these options: “SameSite=None; Secure” are not added when shopware creates cookies. How can this be bypassed or fixed?

Extending the jquery plugin is not possible as these are done in statemanager plugin and csrf protection jquery plugin. They cannot be overwritten, can they?

brettvormkopp · 3. Dezember 2020 um 12:09

That is the security behind it. If your iframe have another Host, so the Cookie does.

davit_sargsyan · 3. Dezember 2020 um 12:14

@brettvormkopp‍ so can it be fixed? anything else that can solve the issue that I have?

Thema		Antworten	Aufrufe
Shopware 5 cookies/session not working in an iframe? International (English Only)	0	1282	5. Dezember 2020
Why CSRF token value is not present when the website is opened in an iframe? International (English Only)	0	712	24. Oktober 2020
Shopware 5 Cookies / Sitzung funktionieren nicht in einem Iframe? Allgemein	0	240	5. Dezember 2020
Shopware 5 Cookies / Sitzung funktionieren nicht in einem Iframe? Programmierung	0	309	5. Dezember 2020
SW 6.5.x - Varnish - CSRF Deprecation Shopware 6 (German)	6	490	11. September 2023

How to make csrf and cookies work inside of an iframe?

Verwandte Themen