Cloudflare cookie blocked by cross site trackers
I have a wordpress site behind CF access + and R2 bucket serving images and media also behind CF access, each on separate subdomains.
When I first load the site the images don't load, because the image url is being redirected to auth with cloudflare access, it is not sharing the auth cookie I believe because it is on a different subdomain.
If i load the image url in a separate tab, the image loads and I believe stores the cookie for that domain(Same CF_Authorization cookie as wordpress subdomain), then the images load on the main wordpress site no problem(I'm assuming because it has the cookie stored under both subdomains now)
Is there a way around this without asking users to disable cross site tracking in safari and brave(shields)?
I have tried adding CORS allow rules for the R2 bucket to no avail.
When I first load the site the images don't load, because the image url is being redirected to auth with cloudflare access, it is not sharing the auth cookie I believe because it is on a different subdomain.
If i load the image url in a separate tab, the image loads and I believe stores the cookie for that domain(Same CF_Authorization cookie as wordpress subdomain), then the images load on the main wordpress site no problem(I'm assuming because it has the cookie stored under both subdomains now)
Is there a way around this without asking users to disable cross site tracking in safari and brave(shields)?
I have tried adding CORS allow rules for the R2 bucket to no avail.
Welcome to the official Cloudflare Developers server. Here you can ask for help and stay updated with the latest news
85,042Members
Resources
Similar Threads
Was this page helpful?
