PHP session not working Android 13

miranrulzz · September 5, 2023, 7:34pm

hi all. I am facing a strange issue. I updated my app to Android 13 but when I try to log into my app using my username and password it successfully verifies the username and password through API but does not create any session. In the previous version, everything was fine.

Getting this error from the debugger

Because a cookie’s SameSite attribute was not set or is invalid, it defaults to SameSite=Lax, which prevents the cookie from being set in a cross-site context. This behavior protects user data from accidentally leaking to third parties and cross-site request forgery.

Resolve this issue by updating the attributes of the cookie:

Specify SameSite=None and Secure if the cookie is intended to be set in cross-site contexts. Note that only cookies sent over HTTPS may use the Secure attribute.
Specify SameSite=Strict or SameSite=Lax if the cookie should not be set by cross-site requests

artlogic · September 5, 2023, 11:37pm

Android 13 is more strict in checking for security issues with HTTP(S) requests. If you have control over the API, you will need to follow the recommendations regarding the SameSite and Secure. If you do not have control of the API, then you may want to speak with the person/company who does as this issue is likely affecting other users.