Login page: 419 Page Expired in Google Chrome

Try to change same_site in config/session.php

Default by Laravel is lax, if you have there something different change it to lax.

https://www.chromestatus.com/feature/5088147346030592

@michaloravec

   /*
    |--------------------------------------------------------------------------
    | Same-Site Cookies
    |--------------------------------------------------------------------------
    |
    | This option determines how your cookies behave when cross-site requests
    | take place, and can be used to mitigate CSRF attacks. By default, we
    | will set this value to "lax" since this is a secure default value.
    |
    | Supported: "lax", "strict", "none", null
    |
    */

    'same_site' => 'lax',

nothing is changed.. in same_site. I do not understand why it take too much time in chrome. In other browser login system works properly... Basically for authentication, I'm using the laravel-ui

Also try it to set to none.

@michaloravec now login is not working. Only page refreshed if I put the credentials and hit the login button only page is refreshed

Okay that is weird I am having no trouble in Chrome. Have you modified anything. Meanwhile keep your site safe. I have not had to mess with any settings to get it working in Chrome.

Edit:

I even updated chrome to latest, I logged in local development, and online.

I then logged into here (laracast), all worked well. I am guessing Jeffrey is on version 8.

So I am wondering if you had modified something in Authentication that would cause a problem with chrome?

@neeraj1005 did you figure out anything on this issue yet?

Try to change 'secure' => env('SESSION_SECURE_COOKIE', false) in session.php

Or

Change $this->secure = false (hard-coded) in __contruct func in Cookie.php " your_project\vendor\symfony\http-foundation" (For test)

Clear cache and config.

Check your dev tools/application tab, Were the sessions/caches of laravel stored?

Hope this helps :D

Some people on the discussions section on Laravel's Github repository are saying it can be related to installed extensions in Google Chrome.

More info: https://github.com/laravel/framework/discussions/33689

@rodrigo.pedra yes it's not laravel, see my reply above, I have had no problems with Chrome.

In fact I tried all sorts of stuff to make it "mess up", refreshing, back, hit enter, etc.

Thanks for the heads up @jlrdw

Just stumbled upon this thread and remembered the discussion over GitHub board and thought it might be a good idea to share so it might help somehow.

@rodrigo.pedra here is another long post https://laracasts.com/discuss/channels/laravel/laravel-got-stuck-after-login-laravel-58

I tried everything I could to duplicate the problem.

Sure, since I first saw that discussion on GitHub I tried everything to duplicate and also couldn't.

Have apps in Laravel 8, Laravel 7 (migrating last one this week) and Laravel 6 (can't migrate this one on the short term...) and never faced that issue.

But I only use Chrome for Gmail and testing in Chrome when needed. For daily use and development I use Firefox, so my Chrome install has no extensions or any kind of plugin/modification.

So maybe it is a extension-related problem, I don't know.

@jlrdw

did you figure out anything on this issue yet?

Still same issue...in chrome I checked my all authentication file and other but not works...

Some people on the discussions section on Laravel's Github repository are saying it can be related to installed extensions in Google Chrome.

@rodrigo.pedra Maybe It could be the problem of extension...because in my chrome browser I have installed lots of extensions.

@jlrdw @rodrigo.pedra Thank you very much I found it. It is an extension problem... I tried and open new guest chrome where there is no extension installed. And RUn the project and no issue occurs.

Note: Extension causes the issue..... Now I've to figure out which extension is responsible for this :)

You're welcome. Great you got it working =)

I had the same issue, but disabling plugins didn't work. What worked for me was as follows:

Open Chrome, type chrome://flags in the address bar, then press “Enter“. Find "Cookies without SameSite must be secure" and disable it. Click "Refresh" button at the bottom.

There are a lot of secure measures in this page. You may want to tweak other flags for your cases. I suggest you to put them back to "Default" when you go back to normal browsing after work.