We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

Another fix needed if using php 7.3+ to avoid possible warnings | Forum

dave Leader
dave Feb 20 '20
Google has now begun sending out warnings inside their web tools console to try to get people in the habbit i guess to use the new attributes for sessions, and oxwall needs to be updated as well.. 


The new attributes are called  secure and SameSite.  I am just now reading about them myself but here is what i know so far. 


First here is an example of the warning you will get from google tools.  


A cookie associated with a cross-site resource at http://google.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032. ;


Here is the techical reference:

https://www.php.net/manual/en/session.security.ini.php


Here is a snippet text from that page. 


As of PHP 7.3 the "SameSite" attribute can be set for the session ID cookie. This attribute is a way to mitigate CSRF (Cross Site Request Forgery) attacks. The difference between Lax and Strict is the accessibility of the cookie in requests originating from another registrable domain 


I do need to mention that this particular warning from google listed above is from google, there is nothing site owners can do about it, its up to google to change their code is what im thinking.  But please correct me if i am wrong. 


These warnings from google are caused by including some of the snippet code from google you may have in your site custom headers. You might want to check if google has new or updated snippets with the additional attributes included. 


The Forum post is edited by dave Feb 20 '20
Oxwall Türkiye
Oxwall Türkiye Feb 24 '20

My dear friend dave has been a long time, hope you are well.

I personally got tired of the warnings I received on this subject, and I did research for an additional contact. This issue is rather new preparations for web 3.0. It is said to be for people to gain information and obtain clearer and more useful content by enabling faster interaction. This appears to be effective for advertising and commercial interactions.

What do you think we can do more clearly about this.

I was tired of reading foreign sources, I read many articles and situation reviews. Is there an effective way for us.


I would like to express my pleasure to see you and wish you and your family happy.

dave Leader
dave Feb 24 '20
Hi OWT,  as far as i know there is nothing we can do other than wait for google to update its data.  If i discover a resolve i will post it here.  :)    Wish your family best as well. 
The Forum post is edited by dave Feb 24 '20