Cookie “PHPSESSID” will be soon treated as cross-site cookie against <file> because the scheme does not match

Digital Ninja picture Digital Ninja · Aug 7, 2020 · Viewed 9.1k times · Source

I've just noticed my console is littered with this warning, appearing for every single linked resource. This includes all referenced CSS files, javascript files, SVG images, and even URLs from ajax calls (which respond in JSON). But not images.

The warning, for example in case of a style.css file, will say:

Cookie “PHPSESSID” will be soon treated as cross-site cookie against “http://localhost/style.css” because the scheme does not match.

But, the scheme doesn't match what? The document? Because that it does.

  • The URL of my site is http://localhost/.
  • The site and its resources are all on http (no https on localhost)
  • The domain name is definitely not different because everything is referenced relative to the domain name (meaning the filepaths start with a slash href="/style.css")

The Network inspector just reports a green 200 OK response, showing everything as normal.

It's only Mozilla Firefox that is complaining about this. Chromium seems to not be concerned by anything. I don't have any browser add-ons. The warnings seem to originate from the browser, and each warning links to view the corresponding file source in Debugger.

Why is this appearing?

Answer

Paramjot Singh picture Paramjot Singh · Aug 17, 2020

that was exactly same happening with me. the issue was that, firefox keeps me showing even Cookies of different websites hosted on same URL : "localhost:Port number" stored inside browser memory.

In my case, i have two projects configured to run at http://localhost:62601, when i run first project, it saves that cookie in browser memory. when i run second project having same URL, Cookie is available inside that projects console also.

what you can do, is delete the all of the cookies from browser.