我正在尝试让Apache附加所有带有SameSite=Lax值的cookie。我已经检查了标头模块是否已安装,并使用它创建了一个cookie。但是,此代码无法按预期编辑网站Cookie:
Header always edit Set-Cookie (.*) "$1; SameSite=Lax"
Apache版本为httpd-2.4.6-89.el7.centos.x86_64
我已经尝试过这个以及Stack Overflow的其他一些变体,但是cookie没有任何反应:
<ifmodule mod_headers.c>
# always is similar to "onerrors"
Header always edit Set-Cookie (.*) "$1; SameSite=strict"
# success is similar to http 2xx response code
Header onsuccess edit Set-Cookie (.*) "$1; SameSite=strict"
# remove duplications (apache sends from both tables always and onsuccess)
## https://www.tunetheweb.com/security/http-security-headers/secure-cookies/
#Strip off double SameSite=strict settings as using above you can sometimes get both
Header edit Set-Cookie ^(.*);\s?SameSite=strict;?\s?(.*);\s?SameSite=strict;?\s?(.*)$ "$1; $2; $3; SameSite=strict"
#Strip off double ;; settings
Header edit Set-Cookie ^(.*);\s?;\s?(.*)$ "$1; $2"
</ifmodule>