Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cookie not being saved with Next.js 15 and Safari #870

Open
josiahwiebe opened this issue Nov 7, 2024 · 6 comments
Open

Cookie not being saved with Next.js 15 and Safari #870

josiahwiebe opened this issue Nov 7, 2024 · 6 comments

Comments

@josiahwiebe
Copy link

It seems like the change to the cookies() function in Next.js may have broken a variety of things (#840, #861, #869).

The specific issue that I've encountered is that the cookie does not get saved when using Safari (version 18.0.1). I've created a simple reproduction for the issue here: https://github.com/josiahwiebe/iron-session-next-15-safari-example

Steps to reproduce

These examples should be tested in Safari. In Chromium based browsers and Firefox, this example behaves as expected.

  1. Test the example "using iron-session". Click login, and refresh the page. Your logged-in state will not be preserved.
  2. Test the example "using iron-session seal/unseal". This is the current workaround I'm using. Your logged-in state should be preserved on refresh.
@CasvanderGun
Copy link

Had the same issue here! Next.js kept throwing the error Cookies can only be modified in a Server Action or Route Handler. when the sameSite option was set to lax. However, changing this option to strict seemed to solve the issue. Now everything is working as expected. Don't have any clue what could cause this behaviour, but thought it might be useful information.

@vvo
Copy link
Owner

vvo commented Nov 12, 2024

@josiahwiebe or @CasvanderGun would you like to open a PR? It should work with 14 and 15 ideally, thanks!

@josiahwiebe
Copy link
Author

josiahwiebe commented Nov 12, 2024
edited
Loading

@CasvanderGun that didn't seem work for me unfortunately. never mind, I'm just a fool. setting it to strict does work – I think possibly no PR necessary.

@CasvanderGun
Copy link

@josiahwiebe The weird thing is that this "solution" seems to be unstable. Most times it won't throw the error mentioned above, but sometimes it will, even when the sameSite option is set to strict. Also having troubles again?

@vvo Unfortunately I'm still a very unexperienced developer, so I don't know whether I would be able to add a lot of value here. Just trying to get my first app working, which is already challenging enough :)

@vvo
Copy link
Owner

vvo commented Nov 15, 2024

@josiahwiebe Thanks a lot for this, if you find a way to fix it open a PR. Otherwise I will have a look but in approximately 2 weeks. Thanks.

@santisbon
Copy link

santisbon commented Dec 9, 2024
edited
Loading

In my tests with sealData/unsealData on localhost with Next.js 15.0.4 and React 19.0.0:
Safari - It works (cookie is set) when the secure cookie option is explicitly set to false.
Chrome - It works when the secure cookie option is explicitly set to true.

If secure is not specified at all (making it false), it works on both browsers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@vvo @josiahwiebe @santisbon @CasvanderGun