iframe 跨域，cookie问题，重定向302

// this cookie didnot specify a "SameSite" attribute when it was default to "SameSite=Lax", 
// and was blocked because the request was made from a different site and was not initiated by a top-level navigation . 
// the cookie had to hava been set with "SameSite=None" to enable cross-site usage.

Cookie 的 SameSite 属性

<iframe>

内容安全策略( CSP )

image.png image.png

https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers/Set-Cookie/SameSite