框架 + Internet Explorer 的奇怪现象

发布于 2024-09-09 01:36:13 字数 4887 浏览 11 评论 0原文

我遇到了一些关于框架和互联网浏览器的非常奇怪的行为。

情况是这样的:

  • 我在 www.webapp.com 上有我的 Web 应用程序
  • 我有一个客户想要在他的网站上有一个登录我的 www.webapp.com 的框: www.vendor.com
  • 供应商他的网站已设置由他的网页设计师在 www.vendor.com 上设计。它由 2 个框架组成:
    • 第一个框架的高度和宽度为 100%,其位置位于 www.webdedesigner.com/clients/vendor
    • 第二帧跨越 0,0 并且不指向任何内容

远程站点上的登录框指向我的网站应用。并发布登录名+用户名等。 客户的网站设置框架的原因是为了使浏览器的 URL 位置栏始终保持在 www.vendor.com。 (呃,甚至不让我开始)。

问题是当我从 www.vendor.com 登录到我的 Web 应用程序时,我的 Web 应用程序已加载到框架中,但我的所有 CSS 和 Javascript 均未加载。

这种情况只发生在 IE7/8 中,我已经在 Firefox、Chrome、Opera 和 Safari 中进行了测试,它们中的每一个都确实按其应有的方式加载了我的 CSS 和 JS 文件。

这就是我的标题的样子:

    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="nl" xmlns:xf="http://www.w3.org/2002/xforms"> 
  <head> 
    <title>My Webapp</title> 
    <meta http-equiv="Content-Type" content="text/html" /> 
    <link rel="icon" href="/img/favicon.ico" /> 
    <link rel="shortcut icon" href="/img/favicon.ico" /> 
    <link rel="stylesheet" type="text/css" href="/css/css.php?css=public" /> 
    <script type="text/javascript" src="/js/js.php?js=public"></script> 
  </head> 
  <body> 

我怀疑 IE 没有正确处理 CSS/JS 的相关 URL...

还有更奇怪的事情!如果我清除 IE 浏览缓存并首先通过该域登录 www.webapp.com,然后在 IE 中注销并通过 www.vendor.com 登录,CSS/JS 就会加载!什么……?我的整个网络应用程序驻留在 HTTPS 上,因此它不应该缓存任何资源...

我很惊讶,所以我在这里发帖...有人知道发生了什么吗?

编辑

好的,在我为 Internet Explorer 安装了正确的调试工具(而不是默认的调试工具)后,我能够检查正在发送的 HTTP 标头。因此,我比较了 IE 和 Firefox,结果显示:

IE 请求登录帖子到我的网络应用

(Request-Line):POST /?portal&returnurl=www.vendor.com HTTP/1.1
Accept:application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Content-Type:application/x-www-form-urlencoded
Accept-Encoding:gzip, deflate
Host:www.webapp.nl
Content-Length:40
Connection:Keep-Alive
Cache-Control:no-cache

IE 响应

(Status-Line):HTTP/1.1 200 OK
Date:Wed, 14 Jul 2010 10:35:34 GMT
Server:Apache
X-Powered-By:PHP/5.1.6
**Set-Cookie:PHPSESSID=uiluornfipr2dk294iro09tgg6; path=/**
Expires:Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma:no-cache
Set-Cookie:lang=0
Set-Cookie:lang=0
Connection:close
Transfer-Encoding:chunked
Content-Type:text/html; charset=UTF-8

IE CSS 请求:

(Request-Line):GET /css/css.php?css=portal HTTP/1.1
Accept:*/*
Host:www.webapp.nl
Connection:Keep-Alive

IE CSS 响应

(Status-Line):HTTP/1.1 200 OK
Date:Wed, 14 Jul 2010 10:35:35 GMT
Server:Apache
X-Powered-By:PHP/5.1.6
**Set-Cookie:PHPSESSID=pe2cio1vhu0shq2i497bjh5oa4; path=/**
Expires:Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma:no-cache
Content-Length:0
Connection:close
Content-Type:text/html; charset=UTF-8

Firefox 请求登录帖子到我的网络应用

Host    www.webapp.nl
Accept  text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language nl,en-us;q=0.7,en;q=0.3
Accept-Encoding gzip,deflate
Accept-Charset  ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive  115
Connection  keep-alive

FF 响应

Date    Wed, 14 Jul 2010 10:38:57 GMT
Server  Apache
X-Powered-By    PHP/5.1.6
**Set-Cookie    PHPSESSID=re10rmqq7u723ht3719o9q5el3; path=/ lang=0 lang=0**
Expires Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control   no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma  no-cache
Connection  close
Transfer-Encoding   chunked
Content-Type    text/html; charset=UTF-8

FF CSS 请求

Host    www.webapp.nl
Accept  text/css,*/*;q=0.1
Accept-Language nl,en-us;q=0.7,en;q=0.3
Accept-Encoding gzip,deflate
Accept-Charset  ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive  115
Connection  keep-alive
**Cookie    PHPSESSID=re10rmqq7u723ht3719o9q5el3; lang=0**

FF CSS 响应

Date    Wed, 14 Jul 2010 10:38:57 GMT
Server  Apache
X-Powered-By    PHP/5.1.6
Expires Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control   no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma  no-cache
Connection  close
Transfer-Encoding   chunked
Content-Type    text/css; charset=utf-8

(为简洁起见删除了一些)

差异是显而易见的。 IE 不会将 cookie 与 CSS 请求一起发送,即使它确实从登录响应中收到了 set-cookie。 Firefox 确实将 cookie 与 CSS 请求一起发送。 除非设置了有效的 cookie,否则我的 web 应用程序不会返回 CSS/脚本。

Soo,任何框架/cookie 专家都知道为什么 IE 不将其在第一个响应中收到的 cookie 发送到正在加载的页面的进一步资源请求中?

块引用

I'm running into some very odd beheaviour regarding frames and internet explorer.

The situation is like this:

  • I have my web application on www.webapp.com
  • I have a client that wants to have a login box to my www.webapp.com on his website: www.vendor.com
  • The vendor his website is setup by his webdesigner at www.vendor.com. It consists of 2 frames:
    • First frame spans 100% height and width and it's location is at www.webdedesigner.com/clients/vendor
    • Second frame spans 0,0 and doesn't point to anything

The login box on the remote site points to my web application. And posts login+username etc.
The reason the client's website is setup with the frames is so that the browser's URL location bar always is kept at www.vendor.com. (Ugh, don't even get me started).

The problem is when I login from www.vendor.com to my web app, and my web app is loaded in the frame all of my CSS and Javascript is not loaded.

This only occurs in IE7/8, I've tested it in Firefox, Chrome, Opera and Safari and each one of them does load my CSS and JS files at it should.

This is how my header looks like:

    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="nl" xmlns:xf="http://www.w3.org/2002/xforms"> 
  <head> 
    <title>My Webapp</title> 
    <meta http-equiv="Content-Type" content="text/html" /> 
    <link rel="icon" href="/img/favicon.ico" /> 
    <link rel="shortcut icon" href="/img/favicon.ico" /> 
    <link rel="stylesheet" type="text/css" href="/css/css.php?css=public" /> 
    <script type="text/javascript" src="/js/js.php?js=public"></script> 
  </head> 
  <body> 

I'm suspecting IE doesn't handle the relatie URL's of the CSS/JS correctly...

There's an even more odd thing! If i clear my IE browsing cache and I first login to www.webapp.com via that domain, and than logout and login via www.vendor.com in IE, the CSS/JS does load! What the...? My whole webapp resides on HTTPS so it shouldn't be caching any resources...

I'm flabergasted so I resort to posting here.. anyone know what's up?

Edit

Okay, after I installed a proper debugging tool for Internet Explorer (instead of the default one), I was able to inspect the HTTP headers beeing sent. So I compared IE and Firefox and these results showed up:

IE Request Login post to my webapp

(Request-Line):POST /?portal&returnurl=www.vendor.com HTTP/1.1
Accept:application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Content-Type:application/x-www-form-urlencoded
Accept-Encoding:gzip, deflate
Host:www.webapp.nl
Content-Length:40
Connection:Keep-Alive
Cache-Control:no-cache

IE Response

(Status-Line):HTTP/1.1 200 OK
Date:Wed, 14 Jul 2010 10:35:34 GMT
Server:Apache
X-Powered-By:PHP/5.1.6
**Set-Cookie:PHPSESSID=uiluornfipr2dk294iro09tgg6; path=/**
Expires:Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma:no-cache
Set-Cookie:lang=0
Set-Cookie:lang=0
Connection:close
Transfer-Encoding:chunked
Content-Type:text/html; charset=UTF-8

IE CSS Request:

(Request-Line):GET /css/css.php?css=portal HTTP/1.1
Accept:*/*
Host:www.webapp.nl
Connection:Keep-Alive

IE CSS Response

(Status-Line):HTTP/1.1 200 OK
Date:Wed, 14 Jul 2010 10:35:35 GMT
Server:Apache
X-Powered-By:PHP/5.1.6
**Set-Cookie:PHPSESSID=pe2cio1vhu0shq2i497bjh5oa4; path=/**
Expires:Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma:no-cache
Content-Length:0
Connection:close
Content-Type:text/html; charset=UTF-8

Firefox Request Login post to my webapp

Host    www.webapp.nl
Accept  text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language nl,en-us;q=0.7,en;q=0.3
Accept-Encoding gzip,deflate
Accept-Charset  ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive  115
Connection  keep-alive

FF Response

Date    Wed, 14 Jul 2010 10:38:57 GMT
Server  Apache
X-Powered-By    PHP/5.1.6
**Set-Cookie    PHPSESSID=re10rmqq7u723ht3719o9q5el3; path=/ lang=0 lang=0**
Expires Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control   no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma  no-cache
Connection  close
Transfer-Encoding   chunked
Content-Type    text/html; charset=UTF-8

FF CSS Request

Host    www.webapp.nl
Accept  text/css,*/*;q=0.1
Accept-Language nl,en-us;q=0.7,en;q=0.3
Accept-Encoding gzip,deflate
Accept-Charset  ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive  115
Connection  keep-alive
**Cookie    PHPSESSID=re10rmqq7u723ht3719o9q5el3; lang=0**

FF CSS Response

Date    Wed, 14 Jul 2010 10:38:57 GMT
Server  Apache
X-Powered-By    PHP/5.1.6
Expires Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control   no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma  no-cache
Connection  close
Transfer-Encoding   chunked
Content-Type    text/css; charset=utf-8

(Removed some for brevity)

The difference is obvious. IE doesn't sent the cookie along with the CSS request, even though it did receive a set-cookie from the login response. Firefox does sent the cookie along with the CSS request.
And my webapp doesn't return CSS/Script unless a valid cookie was set.

Soo, any frame/cookie guru knows why IE doesn't send along the cookies it received in the first response in further resource requests for a page it's loading?

Blockquote

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

若水微香 2024-09-16 01:36:13

默认情况下,IE 会阻止来自第三方站点的 cookie,您应该在状态栏中注意到隐私之眼变为活动状态,并且表明它已阻止您站点上的 cookie。

By default IE blocks cookies from third party sites, you should note in the status bar that the privacy eye becomes active and it states that it has blocked the cookies at your site.

坏尐絯℡ 2024-09-16 01:36:13

?js=public 不是被切断了吗?

Isn't ?js=public getting cut off ?

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文