Laravel Web-sockets And Chrome `SameSite` Attribute
So there is a lot of issues about this sameSite buisness, but I cannot find any answers when it comes to Laravel Websockets. There is nothing in their documentation about this.
So I thought I would ask here and see if you guys have any ideas.
Consider the following configuration:
import Echo from 'laravel-echo'
window.Pusher = require('pusher-js');
window.Echo = new Echo({
broadcaster: 'pusher',
key: process.env.MIX_PUSHER_APP_KEY,
wsHost: window.location.hostname,
wsPort: 6001,
wssPort: 6001,
disabledStats: true,
encrypted: false,
enabledTransports: ['ws', 'wss'],
namespace: 'App',
auth: {
headers: {
'X-CSRF-TOKEN': token.content
}
}
});
According to their docs, they use the pusher library - but there is no indication of it actually hitting pusher website. And I dont need any pusher credentials as those are all faked.
The issue is simple:
A cookie associated with a cross-site resource at http://support.pusher.com/ was set without the
SameSiteattribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set withSameSite=NoneandSecure. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
Which is all over stack overflow.
I disableSats and while yes the websockets do still run and work fine, eventually chrome will be like "nope". So I have no idea if this is a pusher issuer, the laravel websockets issue or what.
Does any one have any ideas on what I could do or attempt to do? I have tried setting forceTLS: true in the above config and that seems to work - but then web sockets won't connect.
I am worried that one day my app will just cease to work as we depend on websockets for a lot of functionality and this is one of the easiest and best libraries out there that do not require days of research and set up.
Answer
Firstly we have to understand workflow on this operation.
Here is example;
Your laravel backend
▼
[pub/sub service (can be redis pusher etc..)]
▼
laravel echo server
▼
websocket client ( mostly laravel echo client)
On client side
Websocket (mostly laravel echo client)
▼
Laravel echo server
▼
http request to laravel backend
If you are trying to find trace from client side to pusher website this is not possible your client react with laravel echo server.
If you want to trace laravel echo server to pusher then you have to debug laravel echo server.
On your case, most likely pusher works fine (i been using their service for a while never seen a issue) if you want to debug that. You can use redis server and connect laravel echo to redis (and its works on your local network, way way faster then pusher)
I hope its helps.
Related Questions
- → "failed to open stream" error when executing "migrate:make"
- → October CMS Plugin Routes.php not registering
- → OctoberCMS Migrate Table
- → OctoberCMS Rain User plugin not working or redirecting
- → October CMS Custom Mail Layout
- → October CMS - How to correctly route
- → October CMS create a multi select Form field
- → October CMS - Conditionally Load a Different Page
- → How to disable assets combining on development in OctoberCMS
- → October CMS - Radio Button Ajax Click Twice in a Row Causes Content to disappear
- → OctoberCms component: How to display all ID(items) instead of sorting only one ID?
- → In OctoberCMS how do you find the hint path?
- → How to register middlewares in OctoberCMS plugin?