iFrame 中的 X 域 Cookie
我有一个域名 A.com,这是我的网站。我想允许用户登录,然后我将一个 iframe 嵌入到域 B.com 中,它尝试从 A.com 获取 cookie 以允许用户继续登录。
我似乎无法理解这一点在 IE 中工作?相反,会设置一个新会话,并且永远不会检索 cookie。
我已经设置了 P3P 策略?任何想法我做错了什么。
I have a domain A.com which is my website. I want to allow the user to login and then I have embedded an iframe into domain B.com which attempts to grab the cookie from A.com to allow the user to be continued to be signed in.
I can't seem to get this working in IE ? A new session gets set instead and the cookie is never retrieved.
I have set a P3P policy ? Any ideas what I am doing wrong.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
B.com 将无法访问 A.com 的 cookie。我认为您将第三方 cookie 与跨域 cookie 混淆了。通过第三方 cookie(与 P3P 相关),B 的内容(例如 http://b.com/ foo.png)包含在 http://a.com 中并设置自己的 cookie。但这不允许 A 或 B 读取彼此的 cookie。
如果您希望 A 和 B 在客户端进行通信,您可以使用类似 片段 id 消息传送,或开发诸如 发布消息
B.com is not going to be able to access cookies from A.com. I think you are confusing third-party cookies with cross-domain cookies. With a third-party cookie (which P3P is relevant to), B's content (e.g. http://b.com/foo.png) is included on http://a.com and sets its own cookie. That doesn't allow A or B to read each other's cookies though.
If you want A and B to communicate on the client side, you can use hacks like fragment id messaging, or developing functionality like postMessage