如何在弹出窗口中保留 iframe 的会话状态?
我正在为一位客户制作一个 Web 应用程序,该客户希望将应用程序的登录信息放在其网站上的 iframe 内。成功登录后,我们希望在新的弹出窗口中打开应用程序,但似乎登录的会话仅保留在 iframe 内,而不保留在主窗口或弹出窗口中。这只是 IE 中的问题,其他浏览器中没有问题。
有没有可行的方法来实现这一点?
流程是这样的:
- 用户访问客户的网站 (www.url1.com)
- 用户登录到应用程序,该应用程序位于 iframe(来自 www.url2.com)
- iframe 中的应用程序验证登录
- iframe 中的应用程序使用 window.open 来 在新的单独的应用程序中打开应用程序 window
编辑: Fiddler 显示 iframe 中发生的情况附加到一个 iexplore 进程,而主窗口中发生的情况附加到另一个进程。这显然是问题所在,可以解决吗?
I'm making a web application for a customer that has clients who want to put the login to the app inside of an iframe on their web sites. On a succesful login we want to open the app in a new pop-up window, but it seems that the logged in session is only retained inside of the iframe and not in the main window or in the pop-up. This is only a problem in IE, not in any other browser.
Is there a working way to implement this?
The flow is this:
- User goes to client's website (www.url1.com)
- User logs in to app, which is in an
iframe (from www.url2.com) - App in iframe validates login
- App in iframe uses window.open to
open the app in a new, separate
window
EDIT: Fiddler shows that what happens in the iframe is attached to one iexplore process and what happens in the main window is attached to another. This obviously is the problem, can it be worked around?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
在从另一个域加载页面的 iframe 中设置 cookie 有时会导致一些奇怪的问题。如果 cookie 不起作用,您的登录很可能也将无法起作用。
为了在之前的情况下解决这个问题,我必须做的是在 IIS/Code 中添加一个自定义 http 标头,这突然使事情变得正常。
C# 代码示例:
Setting cookies in an iframe which loads a page from another domain can cause some strange issues sometimes. And if the cookies don't work, chances are, your login won't work either.
To get around it in a previous case, what I had to do is to add a custom http header in either IIS / Code which suddenly made things work.
Sample C# code:
尝试使用 Fiddler 检查登录页面(在 iframe 中)创建的 cookie 是否已发送到新打开的弹出窗口。如果没有,那么可能是 IE 中的设置阻止了这种情况的发生。
编辑:要查看 Fiddler 中的 cookie,请转到“检查器”选项卡,然后转到“标头”。在请求标头(上)中,您将看到从服务器发送到浏览器的 cookie。在响应标头(向下)中,您将看到从浏览器发送到服务器的 cookie(它们应该被发送回浏览器以供后续请求)。
Try to use Fiddler to check if the cookies created by the login page (in the iframe) are sent to the newly opened popup. If not then it maybe a setting in the IE that prevents this from happening.
Edit: To see the cookies in Fiddler go to the Inspectors tab, then to Headers. At Request headers (up) you'll see the cookies sent from server to browser. At Response headers (down) you'll see the cookies sent from browser to the server (they should be sent back to browser for subsequent requests).