Internet Explorer 9 和 Chrome 不处理 set-cookie 标头

发布于 2024-11-30 05:21:02 字数 2781 浏览 1 评论 0原文

我正在测试我的网站，它可以在 Iron、Firefox 和 Opera 上正常运行，现在使用 Internet Explorer 9 和 Chrome。它在每个浏览器中设置两个重要的 cookie，IE9 和 Chrome 除外。这些浏览器似乎忽略了 set-cookie 标头。在我降低安全和隐私设置之前，Internet Explorer 中也丢失了 Facebook 的 cookie（除了来自 skype.com 的 cookie，IE 中根本没有任何 cookie）。

Cookie 是为现代-iq.appspot.com 域设置的（该项目的 alpha 版本可通过 http: //modern-iq.appspot.com）。它不包含下划线，对我来说看起来符合标准。

与实际路径无关，我总是为 cookie 选择“/”。域始终为 Modern-iq.appspot.com（无跨域 cookie）。没有 iframe。

更新：我做了以下测试：

工作

在Ubuntu（64位）上
Iron 12.0.750.0（88853）：cookie在Ubuntu（64位）上工作Firefox 6.0：cookie
在Windows XP上工作Firefox 3.6.13：cookie在
Firefox上工作（ Windows 7 上的未知版本：cookie 不起作用

Windows

7 上的 Internet Explorer 9：cookie 不起作用
Chrome Windows XP 上的 13.0.782.112 m：cookie 不起作用

更新：请求失败的 Chrome 和工作 Iron 的日志：

requestlog -chrome.har（忽略 cookie）
requestlog-chrome.txt（忽略 cookie）
requestlog-iron.har （保留 cookie）
requestlog-iron.txt （保留 cookie

）有问题的 cookie 是请求链末尾的 fb_user 和 fb_access_token。

接受所有 cookie，但 IE9 不发送它们

set_cookie 调用 (Python)：

set_cookie(self.response, FACEBOOK_USER_COOKIE_NAME, str(profile["id"]), domain='modern-iq.appspot.com',
                   expires=time.time() + COOKIE_EXPIRY_SPAN) #30 * 86400)
set_cookie(self.response, FACEBOOK_ACCESS_TOKEN_COOKIE_NAME, str(access_token), domain='modern-iq.appspot.com',
                   expires=time.time() + COOKIE_EXPIRY_SPAN) #30 * 86400)

set_cookie (Python)：

def set_cookie(response, name, value, domain=None, path="/", expires=None):
    """Generates and signs a cookie for the give name/value"""
    for domain in domain, : #'localhost':
        logging.info('DOING COOKIE OF DOMAIN '+repr(domain)+'...')
        timestamp = str(int(time.time()))
        value = base64.b64encode(value)
        signature = cookie_signature(value, timestamp)
        cookie = Cookie.BaseCookie()
        cookie[name] = "|".join([value, timestamp, signature])
        cookie[name]["path"] = path
        if domain: cookie[name]["domain"] = domain
        if expires:
            cookie[name]["expires"] = email.utils.formatdate(
                expires, localtime=False, usegmt=True)
        response.headers._headers.append(("Set-Cookie", cookie.output()[12:]))

原文

I am testing my website which works fine with Iron, Firefox and Opera, now using Internet Explorer 9, and Chrome. It sets two important cookies in every browser, except for IE9 and Chrome. It seems the set-cookie headers are ignored by these browsers. Until I lowered security and privacy settings, Facebook's cookies were missing too in Internet Explorer (except for cookies from skype.com, there weren't any cookies at all inside IE).

The cookies are set for the domain modern-iq.appspot.com (the alpha version of this project is accessible at http://modern-iq.appspot.com). It doesn't contain underscores and it looks standard-compliant to me.

Independent of the actual path, I always choose "/" for my cookies.
The domain is always modern-iq.appspot.com (no cross-domain cookies). There are no iframes.

UPDATE: I did the following tests:

work

Iron 12.0.750.0 (88853) on Ubuntu (64-bit): cookies work
Firefox 6.0 on Ubuntu (64-bit): cookies work
Firefox 3.6.13 on Windows XP: cookies work
Firefox (unknown version) on Windows 7: cookies work

don't work

Internet Explorer 9 on Windows 7: cookies don't work
Chrome 13.0.782.112 m on Windows XP: cookies don't work

UPDATE: Request logs of failing Chrome and working Iron:

requestlog-chrome.har (cookies ignored)
requestlog-chrome.txt (cookies ignored)
requestlog-iron.har (cookies kept)
requestlog-iron.txt (cookies kept)

The questionable cookies are fb_user and fb_access_token at the end of the request chain.

All cookies are accepted, but IE9 doesn't send them

set_cookie calls (Python):

set_cookie(self.response, FACEBOOK_USER_COOKIE_NAME, str(profile["id"]), domain='modern-iq.appspot.com',
                   expires=time.time() + COOKIE_EXPIRY_SPAN) #30 * 86400)
set_cookie(self.response, FACEBOOK_ACCESS_TOKEN_COOKIE_NAME, str(access_token), domain='modern-iq.appspot.com',
                   expires=time.time() + COOKIE_EXPIRY_SPAN) #30 * 86400)

set_cookie (Python):

def set_cookie(response, name, value, domain=None, path="/", expires=None):
    """Generates and signs a cookie for the give name/value"""
    for domain in domain, : #'localhost':
        logging.info('DOING COOKIE OF DOMAIN '+repr(domain)+'...')
        timestamp = str(int(time.time()))
        value = base64.b64encode(value)
        signature = cookie_signature(value, timestamp)
        cookie = Cookie.BaseCookie()
        cookie[name] = "|".join([value, timestamp, signature])
        cookie[name]["path"] = path
        if domain: cookie[name]["domain"] = domain
        if expires:
            cookie[name]["expires"] = email.utils.formatdate(
                expires, localtime=False, usegmt=True)
        response.headers._headers.append(("Set-Cookie", cookie.output()[12:]))

分享到QQ

分享到微博