
Google Sign-in not working in incognito mode


I have used Google sign-in in my Angular 9 project. I am using the Google sign-in JS API. It gives the error "Cookies are not enabled in current environment" in Google Chrome incognito mode, although it works fine in a normal Google Chrome tab. Below are the error details.

details: "Cookies are not enabled in current environment."
error: "idpiframe_initialization_failed"

I understand that in incognito mode third-party cookies are disabled by default, but what is the solution for this? I found that other sites using Google sign-in work perfectly in Google Chrome incognito mode.

Md. Mustafizur Rahman asked Aug 28 '20 10:08




1 Answer

Angular is just JavaScript in a browser. So a user loading an Angular app is being served a bunch of JavaScript from your server. If that server handles authentication with google-api, then your user only interacts with your server (albeit with a redirect to sign into Google).

This authentication flow doesn't require 3rd party cookies.

However! If your authentication is handled directly in the user's browser, then your app will not work if 3rd party cookies are disabled (as they are in incognito mode).

For example, I have an Angular app that I serve via GitHub Pages. GitHub serves the app but then doesn't do anything else. Since I need to create a document in the user's GDrive, I authenticate and access their resources all from within a JavaScript client. For that to work securely, users of my app must allow 3rd party cookies. There isn't really a way around that.

If I had a backend for my app, then the user could give my server permission to access their Google Drive and no 3rd party cookies would be required. At that point, it's not the frontend JavaScript client (Angular app) that is accessing the user's GDrive, but instead my server.

Using a backend allows for a different and generally more secure authentication flow. To a user, however, the user experience is the same. This is why in some situations the user must allow 3rd party cookies and in others, they do not.

In general, you can secure a server much better than you can trust a user's system/browser to be secure. If security is a concern, you really should be making API calls from a server rather than from within a browser. Doing so should also fix your problem.

Mrk Sef answered Oct 11 '22 16:10
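The server-side flow the answer describes, as an added example that is not part of the original answer: a backend builds the redirect to Google's OAuth 2.0 authorization endpoint, keeps the anti-CSRF `state` in a first-party cookie on its own origin, and validates the callback before exchanging the code. `CLIENT_ID`, `REDIRECT_URI`, the `oauth_state` cookie name and the function names are assumptions; the token request is built but not sent, so the block runs offline.

```javascript
// Added example: server-side pieces of Google's OAuth 2.0 authorization-code flow.
// CLIENT_ID, REDIRECT_URI and the cookie name are placeholders, not values from the post.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto; // global in Node 19+

const AUTH_ENDPOINT = 'https://accounts.google.com/o/oauth2/v2/auth';
const TOKEN_ENDPOINT = 'https://oauth2.googleapis.com/token';
const CLIENT_ID = 'EXAMPLE_CLIENT_ID.apps.googleusercontent.com';
const REDIRECT_URI = 'https://app.example.com/oauth/callback';

// Step 1: the server answers /login with a 302 to Google and sets a FIRST-party
// cookie on its own origin that holds the random anti-CSRF state value.
function startLogin(scope) {
  const state = Array.from(webcrypto.getRandomValues(new Uint8Array(16)),
    (b) => b.toString(16).padStart(2, '0')).join('');
  const url = new URL(AUTH_ENDPOINT);
  url.search = new URLSearchParams({
    response_type: 'code', client_id: CLIENT_ID, redirect_uri: REDIRECT_URI,
    scope, state, access_type: 'offline',
  }).toString();
  return { status: 302, location: url.toString(),
    setCookie: `oauth_state=${state}; Path=/oauth; HttpOnly; Secure; SameSite=Lax; Max-Age=600` };
}

// Compare two equal-length strings without stopping at the first differing character.
function sameState(a, b) {
  if (typeof a !== 'string' || typeof b !== 'string' || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Step 2: Google sends the browser back to REDIRECT_URI?code=...&state=... as a top-level
// navigation, so the SameSite=Lax cookie is included. The server checks state, then
// prepares the code-for-token POST that it (not the browser) sends to TOKEN_ENDPOINT.
function handleCallback(callbackUrl, cookieHeader, clientSecret) {
  const params = new URL(callbackUrl).searchParams;
  const cookieState = /(?:^|;\s*)oauth_state=([0-9a-f]+)/.exec(cookieHeader || '')?.[1];
  if (!sameState(params.get('state'), cookieState)) return { ok: false, reason: 'state_mismatch' };
  if (!params.get('code')) return { ok: false, reason: params.get('error') || 'missing_code' };
  const body = new URLSearchParams({
    grant_type: 'authorization_code', code: params.get('code'),
    client_id: CLIENT_ID, client_secret: clientSecret, redirect_uri: REDIRECT_URI,
  }).toString();
  return { ok: true, tokenRequest: { url: TOKEN_ENDPOINT, method: 'POST', body } };
}
```

The only cookie in this exchange is set and read by the app's own origin, and the client secret and tokens stay on the server.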