PDA

View Full Version : Session key not known (reload page to recreate session) error in Chriome



PaulRicardo
5-Aug-2020, 03:10 AM
We have a Dataflex 2016 18.2 mobile webapp running in a Wordpress site. The Wordpress site uses the DF4WP plugin to access the server running the Dataflex webapp. This has been working for some time and still works in Firefox, Edge and IE but has just stopped working in Chrome. It gives the error, 'Session key not known (reload page to recreate session)'. This is a public facing booking form so we have no direct control over the user's settings in their browser.

I would appreciate any advice on how and where to start looking to resolve the problem. Thanks in advance. Paul

PaulRicardo
5-Aug-2020, 06:21 AM
We have a Dataflex 2016 18.2 mobile webapp running in a Wordpress site. The Wordpress site uses the DF4WP plugin to access the server running the Dataflex webapp. This has been working for some time and still works in Firefox, Edge and IE but has just stopped working in Chrome. It gives the error, 'Session key not known (reload page to recreate session)'. This is a public facing booking form so we have no direct control over the user's settings in their browser.

I would appreciate any advice on how and where to start looking to resolve the problem. Thanks in advance. Paul

Further to my first post this is the message coming from Chrome
df-include.js:36 A parser-blocking, cross site (i.e. different eTLD+1) script, https://dataflex.acs.net.au/cwat/DfEngine/df-min.js?v=18.2.21.112, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
includeJS @ df-include.js:36
(index):1 A cookie associated with a cross-site resource at http://dataflex.acs.net.au/ was set without the `SameSite` attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
Paul

PaulRicardo
5-Aug-2020, 07:57 PM
If I am understanding this correctly Chrome has recently enforced blocking of cookies from a different site as is required with CORS.
https://www.chromestatus.com/feature/5088147346030592
Treat cookies as SameSite=Lax by default if no SameSite attribute is specified. Developers are still able to opt-in to the status quo of unrestricted use by explicitly asserting SameSite=None

My question then is do we have access to set this attribute SameSite=None

Paul

Dennis Piccioni
6-Aug-2020, 10:41 AM
Hi Paul,

we've added this in DataFlex 20.0.