in PHP script callback from gateway after cancel or pay is failed and lost Cookie .
but with the line in htaccess it has worked .
Header append Set-Cookie ;SameSite=None;Secure;
is that have problem for server or site ? is it the way for solve this problem ?
CodePudding user response:
This is due to newer versions of the browser and the security of cookies in browsers that do not return payment information to your site when you return, and your solution is correct.
If your site detects and blocks CSRF attacks well, you can set SameSite to None for better performance. If your site has processes such as electronic payment that requires the user to be redirected to the bank site and then returned to your site with additional information, it is necessary to set the None value for SameSite so that the user does not lose cookies in return and you can Identify. If your site does not use cookies for a specific function and user identification is of little importance, you can set the value to Strict.