一、异常信息描述

错误信息,看到这个页面是否耳熟能详担又不知道怎么解决 ,坑死个人不偿命,,,,,,,,

二、处理方法

1、在web项目中增加类SameSiteCookiesServiceCollectionExtensions.cs

public static class SameSiteCookiesServiceCollectionExtensions

    {

        /// <summary>

        /// -1 defines the unspecified value, which tells ASPNET Core to NOT

        /// send the SameSite attribute. With ASPNET Core 3.1 the

        /// <seealso cref="SameSiteMode" /> enum will have a definition for

        /// Unspecified.

        /// </summary>

        private const SameSiteMode Unspecified = (SameSiteMode)(-1);

        /// <summary>

        /// Configures a cookie policy to properly set the SameSite attribute

        /// for Browsers that handle unknown values as Strict. Ensure that you

        /// add the <seealso cref="Microsoft.AspNetCore.CookiePolicy.CookiePolicyMiddleware" />

        /// into the pipeline before sending any cookies!

        /// </summary>

        /// <remarks>

        /// Minimum ASPNET Core Version required for this code:

        ///   - 2.1.14

        ///   - 2.2.8

        ///   - 3.0.1

        ///   - 3.1.0-preview1

        /// Starting with version 80 of Chrome (to be released in February 2020)

        /// cookies with NO SameSite attribute are treated as SameSite=Lax.

        /// In order to always get the cookies send they need to be set to

        /// SameSite=None. But since the current standard only defines Lax and

        /// Strict as valid values there are some browsers that treat invalid

        /// values as SameSite=Strict. We therefore need to check the browser

        /// and either send SameSite=None or prevent the sending of SameSite=None.

        /// Relevant links:

        /// - https://tools.ietf.org/html/draft-west-first-party-cookies-07#section-4.1

        /// - https://tools.ietf.org/html/draft-west-cookie-incrementalism-00

        /// - https://www.chromium.org/updates/same-site

        /// - https://devblogs.microsoft.com/aspnet/upcoming-samesite-cookie-changes-in-asp-net-and-asp-net-core/

        /// - https://bugs.webkit.org/show_bug.cgi?id=198181

        /// </remarks>

        /// <param name="services">The service collection to register <see cref="CookiePolicyOptions" /> into.</param>

        /// <returns>The modified <see cref="IServiceCollection" />.</returns>

        public static IServiceCollection ConfigureNonBreakingSameSiteCookies(this IServiceCollection services)

        {

            services.Configure<CookiePolicyOptions>(options =>

            {

                options.MinimumSameSitePolicy = Unspecified;

                options.OnAppendCookie = cookieContext =>

                   CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);

                options.OnDeleteCookie = cookieContext =>

                   CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);

            });

            return services;

        }

        private static void CheckSameSite(HttpContext httpContext, CookieOptions options)

        {

            if (options.SameSite == SameSiteMode.None)

            {

                var userAgent = httpContext.Request.Headers["User-Agent"].ToString();

                if (DisallowsSameSiteNone(userAgent))

                {

                    options.SameSite = Unspecified;

                }

                else

                {

                    options.SameSite = SameSiteMode.Lax;  // 增加这句

                }

            }

        }

        /// <summary>

        /// Checks if the UserAgent is known to interpret an unknown value as Strict.

        /// For those the <see cref="CookieOptions.SameSite" /> property should be

        /// set to <see cref="Unspecified" />.

        /// </summary>

        /// <remarks>

        /// This code is taken from Microsoft:

        /// https://devblogs.microsoft.com/aspnet/upcoming-samesite-cookie-changes-in-asp-net-and-asp-net-core/

        /// </remarks>

        /// <param name="userAgent">The user agent string to check.</param>

        /// <returns>Whether the specified user agent (browser) accepts SameSite=None or not.</returns>

        private static bool DisallowsSameSiteNone(string userAgent)

        {

            // Cover all iOS based browsers here. This includes:

            //   - Safari on iOS 12 for iPhone, iPod Touch, iPad

            //   - WkWebview on iOS 12 for iPhone, iPod Touch, iPad

            //   - Chrome on iOS 12 for iPhone, iPod Touch, iPad

            // All of which are broken by SameSite=None, because they use the

            // iOS networking stack.

            // Notes from Thinktecture:

            // Regarding https://caniuse.com/#search=samesite iOS versions lower

            // than 12 are not supporting SameSite at all. Starting with version 13

            // unknown values are NOT treated as strict anymore. Therefore we only

            // need to check version 12.

            if (userAgent.Contains("CPU iPhone OS 12")

               || userAgent.Contains("iPad; CPU OS 12"))

            {

                return true;

            }

            // Cover Mac OS X based browsers that use the Mac OS networking stack.

            // This includes:

            //   - Safari on Mac OS X.

            // This does not include:

            //   - Chrome on Mac OS X

            // because they do not use the Mac OS networking stack.

            // Notes from Thinktecture:

            // Regarding https://caniuse.com/#search=samesite MacOS X versions lower

            // than 10.14 are not supporting SameSite at all. Starting with version

            // 10.15 unknown values are NOT treated as strict anymore. Therefore we

            // only need to check version 10.14.

            if (userAgent.Contains("Safari")

               && userAgent.Contains("Macintosh; Intel Mac OS X 10_14")

               && userAgent.Contains("Version/"))

            {

                return true;

            }

            // Cover Chrome 50-69, because some versions are broken by SameSite=None

            // and none in this range require it.

            // Note: this covers some pre-Chromium Edge versions,

            // but pre-Chromium Edge does not require SameSite=None.

            // Notes from Thinktecture:

            // We can not validate this assumption, but we trust Microsofts

            // evaluation. And overall not sending a SameSite value equals to the same

            // behavior as SameSite=None for these old versions anyways.

            if (userAgent.Contains("Chrome/5") || userAgent.Contains("Chrome/6"))

            {

                return true;

            }

            return false;

        }

    }

2、Startup.cs类ConfigureServices方法中添加如下配置

services.ConfigureNonBreakingSameSiteCookies();

参考链接:http://t.zoukankan.com/wjx-blog-p-14803501.html

https://www.thinktecture.com/en/identityserver/prepare-your-identityserver/

identity server4 授权成功页面跳转时遇到错误:Exception: Correlation failed. Unknown location的解决方法的更多相关文章

  1. SSH连接时出现Host key verification failed的原因及解决方法

    SSH连接的时候Host key verification failed. [root@cache001 swftools-0.9.0]# ssh 192.168.1.90@@@@@@@@@@@@@@ ...

  2. 页面跳转时,url 传大数据的参数不全的问题+序列化对象

    1.页面跳转时,url 传大数据的参数不全的问题 //传参: url: '/pages/testOfPhysical/shareEvaluation?detailInfo=' +encodeURICo ...

  3. 微信小程序:页面跳转时传递数据到另一个页面

    一.功能描述 页面跳转时,同时把当前页面的数据传递给跳转的目标页面,并在跳转后的目标页面进行展示 二.功能实现 1. 代码实现 test1页面 // pages/test1/test1.js Page ...

  4. 自定制页面跳转时携带原搜索参数的URL

    介绍 django自带反向解析生成URL的功能,目的是避免硬编码,较少代码维护的代价. 前端页面使用模板语法,如:{% url "rbac: request menu_list" ...

  5. jQuery Mobile页面跳转后未加载外部JS原因分析及解决

    在使用jQuery Mobile进行Web开发中,当页面跳转时(pageA => pageB),在pageB中引用的JS并未成功运行.因为,JQM并为将整个页面加载到当前的dom中,仅将data ...

  6. springmvc使用路径变量后再进行页面跳转会出现路径错误问题

    学习<Servlet.JSP和SpringMVC学习指南>遇到的一个问题,记录下. 项目代码 现象 @RequestMapping(value = "/book_edit/{id ...

  7. Navicat连接数据库成功,新建查询时提示错误“Cannot create file ……”

    Navicat连接数据库成功,新建查询时提示错误"Cannot create file --" 原因:编辑连接{高级}<设置位置>被修改,该oci.dll不正确 解决方 ...

  8. CAS (10) —— JBoss EAP 6.4下部署CAS时出现错误exception.message=Error decoding flow execution的解决办法

    CAS (10) -- JBoss EAP 6.4下部署CAS时出现错误exception.message=Error decoding flow execution的解决办法 jboss版本: jb ...

  9. Navicat for MySQL打开链接时出错错误为:2005 - Unknown MySQL server host 'localhost'(0)?

    问题:Navicat for MySQL打开链接时出错错误为:2005 - Unknown MySQL server host 'localhost'(0)? 在使用navicat 连接mysql数据 ...

随机推荐

  1. 一文了解RPC框架原理

    点击上方"开源Linux",选择"设为星标" 回复"学习"获取独家整理的学习资料! 1.RPC框架的概念 RPC(Remote Proced ...

  2. 6.Docker网络

    什么是 Docker网络 docker 不启动,默认网络情况 ens33 lo virbr0 在 CentOS7 的安装过程中如果有选择相关虚拟化的的服务安装系统后,启动网卡时会发现有一个以网桥连接的 ...

  3. 8┃音视频直播系统之 WebRTC 信令系统实现以及通讯核心并实现视频通话

    一.信令系统 信令系统主要用来进行信令的交换 在通信双方彼此连接.传输媒体数据之前,它们要通过信令服务器交换一些信息,如规范协商 若 A 与 B 要进行音视频通信,那么 A 要知道 B 已经上线了,同 ...

  4. 用更云原生的方式做诊断|大规模 K8s 集群诊断利器深度解析

    背景 通常而言,集群的稳定性决定了一个平台的服务质量以及对外口碑,当一个平台管理了相当规模数量的 Kubernetes 集群之后,在稳定性这件事上也许会"稍显被动". 我们可能经常 ...

  5. 好客租房22-react组件的两种创建方式(类组件)

    2.2使用类创建组件 类组件:使用ES6的class创建的组件 约定1:类组件必须以大写字母开头 约定2:类组件应该继承react.component父类 从中可以使用父类的方法和属性 约定3:组件必 ...

  6. 使用pdfcrack & crunch暴力破解PDF密码

    crunch是密码字典生成器,可以根据指定的字符来生成组合密码字典. pdfcrack是Linux下一个PDF暴力破解密工具,可以使用crunch生成的密码字典来暴力破解PDF文件的密码. 注:没有强 ...

  7. CSP 2021 总结

    CSP 2021 总结 PJ 开题顺序:1342 应该先做 T2 ,导致我 T2 直接看错 T1.T3 T1 :直接推规律即可,考场的想法应该正确 T3 :好家伙直接 map 走起 T2 最崩溃的来了 ...

  8. 开源流程引擎该如何选择flowable还是camunda

    市场上比较有名的开源流程引擎有osworkflow.jbpm.activiti.flowable.camunda.现在国内用的最多的是activiti.flowable.camunda,下面主要从功能 ...

  9. React与Koa一起打造一个仿稀土掘金全栈个人博客(技术篇)

    本篇文章将分为前台角度与后台角度来分析我是怎么开发的.前台角度主要资源 react.js ant Design for-editor axios craco-less immutable react- ...

  10. FTP安装及使用

    通过网络传输数据的手段 1. ssh 2. http 3. nfs 4. rsync 5. ftp 6. samba ftp的简介: 1. ftp是应用层协议,是基于TCP 2. 使用21端口 FTP ...