Method of use

Same old rule — tools first, content later.

downloadThe plug-inOr,Baidu web disk extraction code: RN0B

Click on the top right corner of Chrome… => More tools => Extended program

Open developer mode and drag in the ZIP file, effective immediately

The plugins can be fixed to the top through the plugins button in the upper right corner

Note: In some scenarios (such as remote login, registration, verification code, etc.), the cookie situation is complicated and authentication failure may occur. In such cases, close the plug-in.


background

Starting with Chrome 51, a SameSite property will be added to the browser’s cookies to protect against CSRF attacks and user tracking. Google defaults the SameSite property to Lax. The 80 version, two attributes, associated with SameSite SameSiteByDefaultCookies and CookiesWithoutSameSiteMustBeSecure default Settings for the default, means must with domain to carry cookies. If you want to carry cookies across domains, you must set the cookie property to Secure, meaning that cookies must be sent over HTTPS requests.

In version 90, we can solve the problem by simply setting the SameSite attribute to disabled in chorme://flags. Reference: Resolve the problem that Chrome requests cannot carry cookies

Chrome 91 removed both options from chrome ://flags, making them impossible to disable, but we can still disable them from the command line. Zhihu: version 91 cannot carry cookies

In version 94, the command line also failed to solve the problem. If we don’t solve this problem in a different way, we won’t be able to use Chrome development. It’s not that you can’t live without the latest version of Chrome. Some chose to develop in Firefox or 360, while others opted to roll back Chrome to version 89. But it’s impossible to just run away from the problem, and there are some solutions. Chrome 94 is expected to increase the cookie policy, how to rest assured bold upgrade?

So, could there be a more convenient solution?

Solutions and source code sharing

A different approach

Regardless of the principle of SameSite, the essence of the problem we have is that cookies don’t work. If we can force cookies on it, the problem will be solved.

At this time, we can use Google official plug-in API Chrome Extence official document to complete the cookie carrying work.

The idea is very simple, through the Chrome extension extension webRequestBlocking API and cookie API read the cookie in the browser, at the same time, block the request that does not carry the cookie, force it to carry the same origin cookie.

You can go to see the source directly, the idea is very simple github.com/chirpmonste…

The first is to call the COOKIE fetching API, which is asynchronous

function updateCookie() {
    chrome.cookies.getAll(
        {},
        (cookie) => {
            storeCookie(cookie)
        },
    )
}
Copy the code

The cookie is then cached and parsed into a map to be used when intercepting the request

Function storeCookie(cookie) {if (state.cookiestr === json.stringify (cookie)) {console.log('cookie cache not updated ') Return} state.cookiestr = json.stringify (cookie) const newCookieMap = new Map() // Parse domain cookie.forEach((item) => { const str = (newCookieMap.get(item.domain) || '') + item.name + '=' + item.value + '; 'newCookiemap. set(item.domain, STR)}) state.cookiemap = newCookieMap console.log('cookie cache updated ') console.log(cookie)}Copy the code

Add a request interceptor API that calls the setCookie method on all requests

function addRequestListener() {
    chrome.webRequest.onBeforeSendHeaders.addListener(
        setCookie,
        {urls: ["<all_urls>"]},
        ["blocking", "requestHeaders", "extraHeaders"]
    );
}
Copy the code

The re resolution matches the domain of the intercepted request and adds it to the request header

function setCookie(details) { if (! State. CookieStatus) {return} updateCookie () / / if there has been a cookie, return the for (let I = details. RequestHeaders. Length - 1. i >= 0; i--) { if (details.requestHeaders[i] === 'Cookie') { return } } const url_to_domain_reg=/://.*? //i const domain_to_subdomain_reg=/.([a-z0-9-])+.[a-z]+(:[0-9]*)? /g if (! Url) {console.log(details+' No Cookie this time, Please confirm whether this request needs to carry Cookie') return} let domain= details.urur.match (url_to_domain_reg)? . [0]???? Match (domain_to_subdomain_reg) domain = domain? [0]? .split(':')? .[0] // let forbiddenList=['baidu',' Google ','gitlab'] for(let I =0; i<forbiddenList.length; i++){ if(domain? .includes(forbiddenList[I])){return}} const newCookie = state.cookiemap. get(domain) // If cookie does not exist, return if (! newCookie) { return } details.requestHeaders.push({name: 'Cookie', value: NewCookie}) console.log(' Success with cookie:' + details.url) return {requestHeaders: details.requestheaders}}Copy the code

Done!

Github.com/chirpmonste… Pass by and give a little star!