跨站点服务器上的 jQuery/Ajax 请求不使用该服务器上设置的 (auth) cookie

发布于 2024-10-06 22:04:00 字数 435 浏览 2 评论 0原文

我们有一个从另一台服务器获取数据的网页。该页面是“本地”加载的(即从文件系统加载,该Web应用程序将被放置在phonegap应用程序内,因此我们通过从file:// url加载它来将其模拟到firefox/chrome中),并使用jquery和ajax从服务器检索数据。 服务器似乎配置为遵守 CORS 标准(http://www.w3.org/TR/cors/,即我们设置诸如 Access-Control-Allow-Origin、Access-Control-Allow-Credentials 和 Access-Control- Max-Age),但尽管如此,服务器设置的会话 cookie 似乎永远不会被读取或传回服务器。 如果我们在服务器上“手动”创建会话(即在地址栏上发出请求,以便服务器在客户端上设置 cookie),然后打开上述页面,则该 cookie 永远不会传回服务器在 Ajax 请求中。

有什么可能出问题的提示吗?

We have a web page that gets data from another server. The page is loaded "locally" (i.e. from the file system, this web app will be placed inside a phonegap application and so we simulate it into firefox/chrome by loading it from the file:// url), and uses jquery and ajax to retrieve data from a server.
The server seems configured to respect the CORS standard (http://www.w3.org/TR/cors/ i.e. we set headers such as Access-Control-Allow-Origin, Access-Control-Allow-Credentials and Access-Control-Max-Age) but notheless, it seems that the session cookie that the server set is never read nor passed back to the server.
And if we create "by hand" a session on the server (i.e. issuing the requests on the address bar so that the server sets a cookie on the client) and then we open the aforementioned page, that cookie is never passed back to the server in the Ajax requests.

Any hint on what could be possibly wrong?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

冷默言语 2024-10-13 22:04:00

你在什么浏览器中测试这个? IE 和 Safari 对于允许设置 cookie 的响应有特殊的规则,特别是当它们是从本地页面主机生成时。您是否在某个非本地文件系统的域上测试过此页面?

对于 IE,您需要配置服务器的 P3P 标头。对于 Safari,您必须先浏览到服务器的 url,然后才能允许来自不同域的页面发出的任何请求设置 cookie。

What browser are you testing this in? IE and Safari have peculiar rules as to what responses they will allow to set cookies, especially when they are made from a page host locally. Have you tested this page on some domain that is not a local filesystem?

For IE, you will need to configure the P3P headers of the server. For Safari, you will have to browse to the url of the server before it allows any requests made from a page of a different domain to set cookies.

我最亲爱的 2024-10-13 22:04:00

您是否尝试从框架或 IFrame 设置 cookie?

您的问题可能与第三方 cookie 策略有关。
我发现在网络服务器上设置以下 P3P 标头在大多数情况下都会有所帮助:

P3P: CP=NOI NID NOR

此解决方案在 Safari 上不起作用,但在 IE 和 IE 上运行良好。火狐。
由于您的应用程序针对的是 iPhone,因此它可能无法解决您的问题。

Are you trying to set a cookie from a frame or IFrame?

Your problem might be related to third-party cookie-policy.
I found out that setting the following P3P-headers at the webserver helps in most cases:

P3P: CP=NOI NID NOR

This solution won't work on Safari, but works fine on IE & Firefox.
Since your app targets the IPhone, it may not solve your problem.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文