

CB login / CB connect without cookies

1 year 8 months ago - 1 year 8 months ago #333435 by activha
Replied by activha on topic CB login / CB connect without cookies
My best bet was to make this change in /plugins/user/joomla/joomla.php:
Code:
        // Add "user state" cookie used for reverse caching proxies like Varnish, Nginx etc. //         if ($this->app->isClient('site')) { //             $this->app->input->cookie->set( //                 'joomla_user_state', //                 'logged_in', //                 0, //                 $this->app->get('cookie_path', '/'), //                 $this->app->get('cookie_domain', ''), //                 $this->app->isHttpsForced(), //                 true //             ); //         }                  //correction of the cookie to allow samesite none important for safari and chrome          if ($this->app->isClient('site')) {             $cookieName = 'joomla_user_state';             $cookieValue = 'logged_in';             $cookieExpires = 0;             $cookiePath = $this->app->get('cookie_path', '/');             $cookieDomain = $this->app->get('cookie_domain', '');             $cookieSecure = $this->app->isHttpsForced() ? 'Secure;' : '';             $cookieHttpOnly = 'HttpOnly;';             $cookieSameSite = 'SameSite=None';             $cookie = sprintf(                 '%s=%s; expires=%s; path=%s; domain=%s; %s %s %s',                 $cookieName,                 $cookieValue,                 ($cookieExpires == 0) ? '0' : gmdate('D, d-M-Y H:i:s T', time() + $cookieExpires),                 $cookiePath,                 $cookieDomain,                 $cookieSecure,                 $cookieHttpOnly,                 $cookieSameSite             );             header('Set-Cookie: ' . $cookie, false);         }

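This allows logging in with Chrome, which now receives the cookie with the correct SameSite=None attribute. Chrome only accepts SameSite=None on a cookie that is also marked Secure, so the site has to be served over HTTPS.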

As for Safari that was a little more tricky,

First you have to set sandbox="allow-storage-access-by-user-activation allow-scripts allow-same-origin allow-forms" on the iframe, then you need code that triggers the storage-access request for WebKit. This code has to be placed in the page loaded inside the iframe.
Code:
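document.addEventListener('DOMContentLoaded', function () {
  // Write a cookie that expires `days` days from now, scoped to path=/.
  function setCookie(name, value, days) {
    const date = new Date();
    date.setTime(date.getTime() + days * 24 * 60 * 60 * 1000);
    const expires = '; expires=' + date.toUTCString();
    document.cookie = name + '=' + (value || '') + expires + '; path=/';
  }

  // Return the value of the named cookie, or null when it is not set.
  function getCookie(name) {
    const nameEQ = name + '=';
    const parts = document.cookie.split(';');
    for (let i = 0; i < parts.length; i++) {
      const entry = parts[i].replace(/^ +/, '');
      if (entry.indexOf(nameEQ) === 0) {
        return entry.substring(nameEQ.length);
      }
    }
    return null;
  }

  /**
   * Ask the browser for storage (cookie) access for this framed document.
   *
   * @returns {Promise<boolean>} Resolves to true when access was granted and to
   *   false when it was refused or the API is missing. Never rejects, so callers
   *   can chain follow-up work without their own catch.
   */
  function requestAccess() {
    // Feature-detect the method that is actually called below.
    if (typeof document.requestStorageAccess !== 'function') {
      console.log('La méthode requestStorageAccess() n\'est pas prise en charge par ce navigateur');
      return Promise.resolve(false);
    }
    return document.requestStorageAccess().then(function () {
      console.log('Accès au stockage accordé');
      // The marker is only a hint for the next page load; it does not prove that
      // the current document still holds storage access.
      setCookie('storageAccessGranted', 'true', 1);
      return true;
    }).catch(function (err) {
      console.error('Accès au stockage refusé', err);
      return false;
    });
  }

  if (getCookie('storageAccessGranted') === 'true') {
    console.log('L\'accès au stockage a déjà été accordé');
  } else {
    // Browsers may refuse this request because no user gesture is involved yet;
    // the click handler below asks again.
    requestAccess();
  }

  const sendIAButton = document.getElementById('sendIA');
  if (!sendIAButton) {
    // Without the button there is nothing to bind; avoid a TypeError on null.
    return;
  }

  sendIAButton.addEventListener('click', function () {
    // Start the request synchronously inside the click so it counts as user-activated,
    // and ask every time instead of trusting the marker cookie: once access is held,
    // a repeat request is expected to resolve without a new prompt.
    // other_function() runs only after the request has settled, so it no longer
    // races the permission prompt; it still runs when access is refused.
    requestAccess().then(function () {
      other_function();
    });
  });
});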

This way, clicking on the sendIA button triggers the authorization for Safari, and then you can log in to CB.

Don't know if this code is optimized but it works, maybe it can help someone else
Last edit: 1 year 8 months ago by activha.