What about this: Cookies with the SameSite=None; Secure and not Partitioned attributes that operate in cross-site contexts are third-party cookies. In future Chrome versions, setting third-party cookies will be blocked. This behavior protects user data from cross-site tracking. Not to worry when using a proxy?
How we can setup custom domain for nuxt app. like u setup. for my environment I am using laragon which have custom domain features. But I can't make it to work for nuxt app. And thank you for your videos. It's really helpful.
I'm having a hard time fully understanding this example. Isn't the proxy irrelevant? It does make the first example work, but it's a bit of a weird use case in my opinion. Technically, it only works because the laravel backend does actually live on the same domain nuxt.test. The api.test route only points towards that. If you actually were to host the laravel backend at api.test, the proxy itself wouldn't work too, like in the other 2 examples. To make the other 2 examples work, you removed SESSION_DOMAIN from the .env. I feel like now direct requests would also work without a proxy? And isn't removing the session domain a big security risk? There has to be a reason it's in the .env. Couldn't I make successful authentication requests to the laravel api from any domain now?
@@cdruc I put the project into production const response = await fetch("/backend/login", { credentials: "include", method: "POST", headers: { accept : 'application/json', 'x-xsrf-token': useCookie('XSRF-TOKEN').value || "" }, body: form.value }); or i can use localstorage auth?
