On the latest version of Chrome (Version 90.0.4430.85 on MacOS), I found that third-party cookies are disabled even though in my browser settings I checked "Allow all Cookies". I also tried adding the site to "Sites that can always use cookies" and checked "Including third-party cookies on this site", but it still doesn't seem to work. I'm accessing a course on LTI that requires third-party cookies. (The course is quite old so that might be an issue)
I'm getting this error:
Chrome Settings:
The reason I know this is because my other laptop has an earlier version of Chrome(around 80) and the cookies are working(the course loads), but it no longer works when I update my Chrome to the latest version.
When I tried in Safari, I'm able to allow third-party cookies by disabling "Prevent cross-website tracking", but I cannot find such settings in Chrome.
Any ideas on what I might try to be able to use third-party cookies on the latest version of Chrome? Also, why is it the case that this site functions in an earlier version of Chrome but not the latest? Thanks in advance.
Your browser settings for 3rd-party cookies look OK as far as testing by allowing all.
The issue may be with the LTI tool/app provider who is providing their product through Canvas and other LMS's - for example, if the LTI tool/app provider hasn't set their cookies with SameSite=None - sounds like you're suspecting that as far as course/app being older.
I think you can test this by temporarily disabling the same site requirement here: chrome://flags/#same-site-by-default-cookies
There are a few other decent testing tips from Chromium here.
If that's the issue and you still need to provide access quickly for a bunch of users, but can't wait for the LTI tool/app to be updated, you can usually update the LTI app/tool settings in Canvas to open it in a separate tab/window instead of as an iframe - e.g. these settings in Canvas.
Hope it works out!
Related
I ran into such a problem.
When I run the application on my laptop (Linux/Ubuntu 18) in the developer console in the Chrome browser, I have this message
A cookie associated with a cross-site resource at
http://pubsub.rtschannel.com/ was set without the SameSite
attribute. A future release of Chrome will only deliver cookies with
cross-site requests if they are set with SameSite=None and Secure.
You can review cookies in developer tools under
Application>Storage>Cookies and see more details at
https://www.chromestatus.com/feature/5088147346030592 and
https://www.chromestatus.com/feature/5633521622188032.
On another laptop (Linux/Ubuntu 16) in the Chrome browser, when the application is launched locally, there is no such message.
I tried to find at least some information on this subject, but alas I couldn’t. The only thing I could find was the link inside the message that it was a browser bug and in Chrome version number 80 it should be fixed and this setting would be added by default.
Please tell me, does it depend on the browser settings, or can I somehow influence this message programmatically? Can I clean it somehow?
On the project, I use angularjs if this can help.
Thanks.
These warnings are purely informational at the moment and do not affect site functionality. This behaviour will not be enforced until Chrome 80 which is due to hit stable in Feb 2020.
You can simply turn off the messages by setting chrome://flags/#cookie-deprecation-messages to Disabled. However, that is purely affecting the display of the messages.
If the pubsub.rtschannel.com is not your domain, e.g. it's a third-party service you use, then it's that domain that will be responsible for updating the cookies.
If it is your domain, then you need to review the cookie usage and set an appropriate value for the SameSite attribute on the cookie. You can find more context and guidance on https://web.dev/samesite-cookies-explained.
I've been getting annoyed from this. It was used to work fine, but it must have happened with some recent update.
I'm on Google Chrome 71 and the microphone doesn't work. Regardless the extension (including Google Meet) and the settings which clearly shows the microphone as active, the audio is not passing sounds in.
The audio settings at computer level are fine, the chrome settings are fine and the microphone is enabled and whitelisted for the given site.
I tried also to fully reset the browser, restoring to the original settings and to use unlinking my accounts. No joy.
Conversely, while using Chromoium (Google Canary) everything works fine.
Has anybody experiencing the same or found a solution?
Ok, in a nutshell - and after having reported this to their chrome bug center - it turned out to be an issue I (and very likely many other users) have been experiencing with the upgrade to MoJave.
Basically, the upgrade seems to remove the microphone access at OS level.
To fix/check this, go into System Preference > Security and Privacy > Microphone and re-instate the check to Google Chrome, which should in theory unticked as it was on my case.
I notice that certain cookies saved in my chrome browser are getting deleted automatically without any manual intervention. I have the some extensions installed in chrome. I want to know if anybody has faced the same issue. Do certain extension delete cookies on a regular basis? Any information would be helpful
I think I know the answer! Google chrome has a cap on the number of cookies it allowed per domain . Once the total number of cookies in that domain exceeds that count, it deletes cookies! Verified!
It must be due to some extension that you have installed. Extensions can have access to clear the cookies.
So, If you have not deleted the cookies manually, then the other extensions installed, are the responsible for clearing the cookies.
I have also observed something similar. After updating to Chrome 67 stable about two weeks ago some cookies disappeared. No matter if I set them again, after restarting chrome they are not there. Like the blocking cookie of web statistics/hit counter.
I don't know details, but looks like it may be related to http/https issue, I see in the site info that for some of the http pages background data is not synced in Chrome.
Or, if the cookie has no expiration time.
They're still being deleted without my consent and it's not due to extensions.
I am currently experiencing an error everytime I use my Microsoft Edge. Whenever I try to go to a site, I always end up with this error. The weird thing is, this issue only happens on certain websites (such as Facebook and Yahoo currently) and sometimes with Google. It likes to disconnect me often and I really don't want to have to deal with this issue anymore.
My internet works fine as my laptop (which I'm currently on) and phone can connect to it without issue. I don't know why it doesn't work on my desktop especially since its internet is Ethernet.
I tested this on other browsers to see if it was only on Edge but it turns out that chrome and firefox experience the same issue with different sites as well. For all three, I haven't been able to go on Facebook and Yahoo, and sometimes Google.
I know the problem is from my end because clearly, the sites are up. Is there any way to solve this or has anyone else found a solution to this?
I'm running Windows 10.
I've tried the following:
ipconfig / flush
ipconfig / reset
ipconfig / release
ipconfig / renew
clearing caches and browsing history
a full scan for malware using malwarebytes and windows defender, already removed/quarantined all threats, did this multiple times to ensure there were none left
reinstallation of chrome and firefox and a reset of edge
ipv4 - changing preferred and alternate dns address to 8.8.8.8 and 8.8.8.4 respectively
checked to see if a proxy was up, no proxy
If I were to do a factory reset, would this solve the issue?
To narrow it down a bit, can you confirm that you only get this when navigating to the sites listed and they're using SSL / HTTPS? Some will auto re-direct to HTTPS if you go to their non-SSL equivalent, but it's worth trying this on sites like Google which do support both.
If this does help narrow down the behaviour, then I've seen this behaviour once before, but this was behind a corporate proxy which didn't support SSL SPDY.
You can try disabling SPDY support, but there is likely to be an underlying issue (perhaps anti-virus acting as a proxy?).
To test disabling SPDY:
Internet Explorer 11
In the browser, select Tools > Internet Options > Advanced > HTTP
Settings and clear the Use SPDY/3 option.
Firefox
In the browser, enter about:config in the address bar and press
Enter. Confirm the security warning. Type
network.http.spdy.enabled in the Search field. For all the entries, set the Value to false.
Chrome
Use a switch to disable SPDY for Chrome. Edit the shortcut for Chrome
and add the following switch at the end of the Target path:
--use-spdy=off
For example, if Chrome's default shortcut link is pointing to
"C:\Program Files\Google\Chrome\Application\chrome.exe", change it to
"C:\Program Files\Google\Chrome\Application\chrome.exe" –use-spdy=off.
Source:-
http://bluecoat.force.com/knowledgebase/articles/Solution/HowtodisableSPDYprotocolsupportinbrowsers
I had a caller who was getting the "can't load page" error in Chrome only when logging into the AMEX site. Every other browser worked. The fix was to disable some weird experimental Chrome setting that is on by default. Go to chrome://flags, search for "experimental quic protocol" and "Disable" it.
Source
Click on start/control pane/IE options/Privacy Tab/Sites
Look at list of sites to see if any Google sites are blocked.
I have an existing site that works fine over http and https (SSL). The SSL certificate is valid and can be confirmed by inspecting in the browser.
I am starting to use a manifest file to enable the HTML5 application cache on my website. This is useful for making the page load faster, and eventually for offline capabilities. This is working great when using a regular http connection. The problems happens when accessing the site over https (SSL). When I do this, I can access my website's content just fine, and the URL says "https" however I see the following behavior:
Safari: It displays the lock icon, but when I click the lock icon to inspect the certificate, it says that the certificate is invalid.
Firefox: Does not display the colored address bar indicating encryption, and when inspecting the certificate, it says that there is no certificate.
Chrome and Opera: Correctly displays the secure nature of the URL, and when clicking the lock icon it displays the SSL certificate information. Yes!
I understand that using the application cache causes resources to be served locally from the browser, and as such there is no encryption happening, however customers don't necessarily know that there is an application cache happening in the background, and they are expecting to see a valid SSL certificate and indications that the connection is secure. Safari and Firefox appear to be doing this incorrectly, unless I am missing something. That is my question. Does anyone know how to get Safari and Firefox to display the SSL certificate for pages served from the application cache? Is there something special that you need to do, or is it a Safari and Firefox bug?
I believe someone has discussed this with me before. Please let me know if this helps.
Change all of your script and css references from
http:// or https:// to //.
If you haven't any then it is moot, but if you do, please let me know if that has an effect.
I believe this may be related to not being able to verify the references from a cached page.
Based on the history of vulnerabilities, I'd guess this may have been overlooked for the sake of fixing more critical issues. That said, I think this should be reported to both vendors now that some of the glaring vulnerabilities have been patched. Have you tested this with the latest releases of Firefox and Safari?
Did you serve the application manifest over SSL?