How can I remain logged-in in the iframe which is used in a different domain?

Question

I am using an iframe in my chrome extension app, the iframe src has link to my server, I login to my server through the iframe, but when I refresh the domain which contains the iframe I do not get the logged in status.

After doing some research I have set the SameSite cookie attribute along with secure attribute.

But I am still not logged in after refresh.

I am using cakephp 2.x this is what I have set in the config/core.php file

Configure::write('Session', array(
  'defaults' => 'php',
  'timeout' => 20160, 
  'checkAgent' => false,
  'ini' => [
     'session.cookie_path' => '/; SameSite=None',
     'session.cookie_httponly' => 1,
     'session.cookie_secure' => 1,
     'session.gc_maxlifetime' => 1209600, // secs - 2 week
     'session.referer_check' => false
  ]
));

Please guide me on what I might be missing.

score 0 · Answer 1 · answered Jan 29 '21 at 09:25

0

I have figured it out, whatever setting I have done is correct, but I was trying it on my http://stage.domain.com , it works correctly on https://live.domain.com

answered Jan 29 '21 at 09:25

Greatest

1
3

How can I remain logged-in in the iframe which is used in a different domain?

1 Answers1