Framework: Subdomain cookie not being set in safari browser
- Laravel Version: 7.11.0
- PHP Version: 7.4.3
- Database Driver & Version: Mysql 5.7.29
Description:
I wanted to share the cookie of wesbite.test and its subdmain cp.website.test
So i set SESSION_DOMAIN=.website.test prefixed with dot, but no cookie is being set for subdomains in safari and all IOS mobile browsers.
It works fine in chrome.
Is this an expected behaviors for cookies to be not set in safari?
In Chrome
Safari
Steps To Reproduce:
// file .env
SESSION_DOMAIN=.website.test
SESSION_COOKIE=website_session
// file RouteServiceProvider.php
Route::domain('cp.website.test')
->as('admin:')
->middleware('web')
->namespace($this->namespace)
->group(base_path('routes/admin.php'));
// file routes/admin.php
Route::group(['middleware' => 'guest'], function() {
Route::get('/', function() {
return 'admin';
});
});
On visiting http://cp.website.test/
- chrome: cookie is set
- safari macos 10.15.1: cookie is not set
- iphone7 (13.2) safari and chrome: cookie is not set
anishdcruz
All 12 comments
Humor me - and try changing website_session to websitesession
There was a bug back in IE8 that _ in cookie names caused problems. maybe its the same here.
laurencei
on 20 May 2020
@laurencei when using SESSION_DOMAIN=null cookie is being set for that particular subdomain.
I guess naming is not an issue here.
Thanks
anishdcruz
on 20 May 2020
Is this the case in the very latest version of Safari?
GrahamCampbell
on 20 May 2020
There is issue with IOS (13.2) mobile browse safari, chrome, edge too.
I tested login form in mobile and all of them throw 419 because no cookie was send on form submission .
Also during each page refresh new session is created in database.
anishdcruz
on 20 May 2020
I'm not sure this is a Laravel issue.
taylorotwell
on 20 May 2020
I tested this in vanilla php and the cookie is being set.
/etc/hosts
127.0.0.1 cookie.localhost
127.0.0.1 cp.cookie.localhost
cookie.php
<?php
$value = '1';
$name = 'safari';
setcookie($name, $value, [
'expires' => time() + 86400,
'path' => '/',
'domain' => '.cookie.localhost',
'secure' => false,
'httponly' => true,
'samesite' => 'Lax',
]);
echo $_SERVER['HTTP_HOST'];
?>
php -S localhost:8000
Cookie is being set for both cookie.localhost and cp.cookie.localhost
anishdcruz
on 21 May 2020
Finally issue resolved.
Ran valet tld localhost and every worked as expected.
Thanks
anishdcruz
on 21 May 2020
$value = '1';
$name = 'safari';setcookie($name, $value, [ 'expires' => time() + 86400, 'path' => '/', 'domain' => '.cookie.localhost', 'secure' => false, 'httponly' => true, 'samesite' => 'Lax', ]);
thanks a lot, without the additional arguments i did not get it to work in safari. this was the solution 👍
dergoldbroiler
on 29 Jul 2020
I have the same issue but am not using Valet. Hoping you might be able to help me isolate what the broader issue is here.
@anishdcruz can you elaborate on why valet tld localhost fixed it for you? Did you also change your domains to website.localhost and cp.website.localhost?
@dergoldbroiler — are you using php's native setcookie or Laravel's Cookie class? Which arguments did you need to add to get it to work in Safari?
jeff-h
on 16 Oct 2020
Yes.. I got similar issue too.. I am not sure this is laravel or safari problem..
efriandika
on 21 Oct 2020
Same problem here using valet...
valh1996
on 7 Nov 2020
This looks to be a Safari issue, having the same problem on node, using the http module. Chrome / Firefox have no issue setting the cookie ~ interestingly I am able to set some cookies, but not others, even though these cookies are being set with the same / similar parameters
jacknotman
on 14 Nov 2020
Related issues
PhiloNL
·
3Comments
iivanov2
·
3Comments
JamborJan
·
3Comments
YannPl
·
3Comments
CupOfTea696
·
3Comments