How can I set the cookies for subdomains? I follow...
# ory-selfhosting
b
How can I set the cookies for subdomains? I followed the config guide but it doesn't seem to work. I still get the redirect loop above. Config:
```yaml
cookies:
  domain: codebrewer.nl
  # path: /cookies
  path: /
  same_site: Lax

session:
  cookie:
    # Overrides cookies.domain for session cookies
    domain: codebrewer.nl

    # Overrides cookies.path for session cookies
    path: /

    # Overrides cookies.samesite for session cookies
    same_site: Lax
    # same_site: Strict
```
p
Hi @brash-cartoon-33648 Not sure if this is related, but are you by chance using the express example from the docs? https://github.com/ory/docs/issues/767
Also, if you are redirecting, is your app checking for an active session and then doing the redirect back to kratos?
It might be that the cookie is in fact set and kratos can see it but your app middleware isn't including it in the request.
b
Not specifically, just tried to set up the self serving UI from Ory and point it to my own Kratos
Just saw these logs:
```
The anti-CSRF cookie was found but the CSRF token was not included in the HTTP request body (csrf_token) nor in the HTTP Header (X-CSRF-Token).
```
```
The HTTP Cookie Header was set and a CSRF token was sent but they do not match. We recommend deleting all cookies for this domain and retrying the flow.
```
AFAIK I'm not doing anything too crazy here, so not sure why
Wait... It does work in a regular browser? I had been trying in an incognito window, and get the redirect loop there, but in a normal browser it does work
p
It should work in regular browser (incognito and normal)
csrf has a cookie and a token in the form
make sure both are incl
b
I'm not doing anything with those myself, that's all the self service UI, I assume it's handling them correctly. For whatever reason I only get the loop in Firefox incognito. Firefox normal, Chromium (normal & incognito) work fine