I've updated my MacBook to the latest Mojave 10.14.6 (18G87) version. Since that update I'm not able to login into my Symfony 4.3 applications using Safari anymore. I always get the error message "Invalid CSRF token". With Chrome it's working.
I updated Symfony to the most recent version 4.3.3 I'm not using FOSUserBundle. Apache is running with version 2.4.39 (homebrew) PHP version is 7.2.20 (homebrew)
Any help is appreciated. Regards, Markus
I have the same error.
Just comment out this line inside your framework.yml
file to make it work:
#cookie_samesite: lax
The reason its not working inside Safari 12 is due to a bug inside the webkit engine. It will be fixed in Safari 13. Safari 12 incorrectly handles unknown SameSite values and will treat any unknown value (including None and lax) as if it was SameSite=Strict.
Bugtracker: https://bugs.webkit.org/show_bug.cgi?id=198181
If my answer was helpful, I would appreciate if you accept this answer 👍