Cookie issue with new Chrome and build 2822

If you have questions or if you want to share your opinion about Aware IM post your message on this forum
Post Reply
aware_support
Posts: 7523
Joined: Sun Apr 24, 2005 12:36 am
Contact:

Cookie issue with new Chrome and build 2822

Post by aware_support »

In one of their latest builds Chrome has introduced a big change - it no longer sends cookies to the cross-domain requests. See this article https://blog.heroku.com/chrome-changes-samesite-cookie

As a result some Aware IM functionality may have been broken, namely:

- Using Aware IM inside an IFRAME
- Using business objects with the URL communication channel
- Using REST services with OAuth support
- Logging in via Google, Facebook and Twitter

The solution requires a new version of Tomcat. We have issued a new build 2822 that includes this new version.

If this problem affects your applications you need to configure Tomcat appropriately (starting from build 2822). This is what you need to do:

1. Modify Tomcat/conf/context.xml and add the following inside the <Context> element:
<CookieProcessor sameSiteCookies="none" />
2. Modify Tomcat/conf/web.xml and add the following to the <session-config> element:
<cookie-config>
<http-only>true</http-only>
<secure>true</secure>
</cookie-config>

IMPORTANT: This will only work if your application uses HTTPS, so you must set up HTTPS as well.
Aware IM Support Team
cishpix
Posts: 183
Joined: Fri Nov 06, 2015 5:07 am
Location: Indonesia

Re: Cookie issue with new Chrome and build 2822

Post by cishpix »

Thanks support, your trick solve my issue
Regards,

Suwandy
-----------------
Kisaran - Indonesia
Post Reply