Original title: jQuery getJSON doesn't send cookies

I am including JS from domain2 in a page on domain1:

<script type="text/javascript" src="http://www.domain2.com/script.js"></script>

That script, on load and on button click, makes JSONP requests to domain2:

$.getJSON("http://www.domain2.com/process?callback=?",
    function(data){
        if ( data ) processData( data );
    }
);

Then the data is displayed on domain1.

So here is my problem: The getJSON request doesn't send cookies to domain2. The weirdest thing is that it does send the cookies half a day and the other half not. :-)

This is what the request looks like when it is not working:

Request details
GET /ajax/embed-user-library?detail=98&callback=jsonp1312398534998 HTTP/1.1 
User-Agent: Opera/9.80 (Windows NT 6.1; U; en) Presto/2.9.168 Version/11.50
Host: www.floowie.com
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: en,sk-SK;q=0.9,sk;q=0.8
Accept-Encoding: gzip, deflate
Referer: http://www.sokker.cz/en/test2
Connection: Keep-Alive

Response details
HTTP/1.1 200 OK 
Date: Wed, 03 Aug 2011 19:06:51 GMT
Server: Apache/2.2.16 (Debian)
X-Powered-By: PHP/5.3.5-0.dotdeb.1
Set-Cookie: SESSID=64292b70dc28d7c6c9f13f70070353d8; path=/; domain=.floowie.com
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 34
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/json

And this when it works (nothing changed in the scripts):

Request details
GET /ajax/embed-user-library?detail=99&test=1&callback=jsonp1312398534999 HTTP/1.1 
User-Agent: Opera/9.80 (Windows NT 6.1; U; en) Presto/2.9.168 Version/11.50
Host: test1.floowie.com
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: en,sk-SK;q=0.9,sk;q=0.8
Accept-Encoding: gzip, deflate
Referer: http://www.sokker.cz/en/test2
Cookie: __utma=254918925.1489796832.1301725317.1312260335.1312298033.44; __utmz=254918925.1312298033.44.11.utmcsr=sokker.cz|utmccn=(referral)|utmcmd=referral|utmcct=/en/test2; lang=en; FLWSESSID=ddd1bc696f83f5a70b5f0f3ae30b4691; __utma=121955676.1030804516.1282595153.1312390656.1312397285.194; __utmb=121955676.8.10.1312397285; __utmc=121955676; __utmz=121955676.1312397285.194.21.utmcsr=floowie.crmserver.cz|utmccn=(referral)|utmcmd=referral|utmcct=/index.php
Connection: Keep-Alive

Response details
HTTP/1.1 200 OK 
Date: Wed, 03 Aug 2011 19:07:45 GMT
Server: Apache/2.2.16 (Debian)
X-Powered-By: PHP/5.3.5-0.dotdeb.1
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 20
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/json

Did someone see such a behaviour? Is it solvable?

Thanks.

Answers

If you want to use AJAX requests across different domains/subdomains, you have to implement Cross-Origin Requests.

References:

Examples:

Your server needs to send these headers:

  • Access-Control-Allow-Origin: test1.floowie.com
  • Access-Control-Allow-Credentials: true // allow cookie/session credentials
  • Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS

You can return Access-Control-Allow-Origin globally or set it specifically depending on the incoming Origin request header ($_SERVER['HTTP_ORIGIN']). The same applies to Access-Control-Allow-Methods.

Before the first AJAX call, modern browsers call that URL with an OPTIONS method to retrieve the above headers.

OK, this is the first part; the second is with jQuery. Read this page very carefully: http://api.jquery.com/jQuery.ajax/

You will need to add some options to every AJAX call. You can do it globally:

$(document).ajaxSend(function (event, xhr, settings) {
    settings.xhrFields = {
        withCredentials: true
    };
});

Or specifically:

$.ajax({
    url: a_cross_domain_url,
    xhrFields: {
        withCredentials: true
    }
});

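This issue cost me many hours... hope it helps.

Note that, if you want, you don't need to set the cookie domain to "floowie.com".

You must properly implement CORS requests with credentials to send and receive cookies via Ajax. See developer.mozilla.org, specifically the section titled "Requests with credentials".

First, here is a simple CORS Ajax request with credentials, using jQuery 1.5.1+: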

$.ajax({
    url: "http://www.domain2.com/process",
    xhrFields: {
        withCredentials: true
    }
}).done(function (data) { console.log(data); });

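Note the withCredentials flag in the xhrFields. This flag tells the browser to send cookies for the external domain, not the origin domain, with the request. In your case, the cookies for www.domain2.com will be sent, and you will have access to them server-side.

On the server side, you need to add certain headers to the response: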

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: www.domain1.com

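Important: Requests with credentials cannot set the Access-Control-Allow-Origin header to the wildcard (Access-Control-Allow-Origin: *). It must specify a domain (Access-Control-Allow-Origin: www.domain1.com).

It is obviously better if you specify a domain for the Access-Control-Allow-Origin header. But if you don't know or care where the CORS request comes from, you could use the Origin header from the request and simply set the Access-Control-Allow-Origin header of your response to that. In C#, this is how we did it: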

this.Response.AddHeader("Access-Control-Allow-Origin", this.Request.Headers["Origin"]);

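After doing all this, the cookies you set server-side will be sent back with the response, and the browser will be able to handle them properly and insert them into the browser's cookie store for www.domain2.com. Any subsequent CORS requests you send will also include these cookies in the request.

If you are making a request with a method other than GET, POST, or HEAD, you will need to implement preflighted requests (see the section titled "Preflighted requests"):

Unlike simple requests (discussed above), "preflighted" requests first send an HTTP request by the OPTIONS method to the resource on the other domain, in order to determine whether the actual request is safe to send. Cross-site requests are preflighted like this since they may have implications for user data. A request is preflighted if:

  • It uses methods other than GET, HEAD or POST. Also, if POST is used to send request data with a Content-Type other than application/x-www-form-urlencoded, multipart/form-data, or text/plain, e.g. if the POST request sends an XML payload to the server using application/xml or text/xml, then the request is preflighted.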

  • It sets custom headers in the request (e.g. the request uses a header such as X-PINGOTHER)

Side-note about IE8 and IE9: The Ajax call above will fail in IE8 and 9. I included the JS file from MoonScript/jQuery-ajaxTransport-XDomainRequest on my page, and this automagically allowed CORS requests to work in those old IE versions. But sadly, the XDomainRequest object that MS created for IE8 and 9 does not allow cookies to be sent or received. (see this MSDN blog post for more information)
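
The server-side header decision described in this answer, as an added example that is not part of the original post: rather than echoing whatever Origin arrives, it compares the Origin against a fixed allowlist before emitting the credentialed CORS headers. ALLOWED_ORIGINS and corsHeaders are hypothetical names, and the listed origins and advertised methods are constructed for illustration.

```javascript
// Added example: allowlist-based CORS decision for credentialed requests.
// ALLOWED_ORIGINS and corsHeaders() are hypothetical names, not from the page.
const ALLOWED_ORIGINS = new Set([
  // Constructed values. An origin is scheme + host (+ port), so the scheme is part of it.
  "http://www.domain1.com",
  "https://www.domain1.com",
]);

function corsHeaders(requestOrigin, method) {
  // The response differs per Origin, so caches must key on that header.
  const headers = { "Vary": "Origin" };

  // Exact string match only: no substring, suffix or regex tests.
  // A missing Origin or the literal "null" origin never gets credentials.
  if (typeof requestOrigin !== "string" || !ALLOWED_ORIGINS.has(requestOrigin)) {
    return headers; // no Access-Control-* headers, so the browser blocks the read
  }

  // With credentials the value must be the specific origin, never "*".
  headers["Access-Control-Allow-Origin"] = requestOrigin;
  headers["Access-Control-Allow-Credentials"] = "true";

  if (method === "OPTIONS") {
    // Preflight answer: advertise only what the endpoint really accepts.
    headers["Access-Control-Allow-Methods"] = "GET, POST";
    headers["Access-Control-Allow-Headers"] = "Content-Type";
    headers["Access-Control-Max-Age"] = "600";
  }
  return headers;
}

// Allowlisted origin: credentialed headers are returned.
console.log(corsHeaders("http://www.domain1.com", "GET"));
// Look-alike origin that a suffix or substring check would accept: only Vary.
console.log(corsHeaders("http://www.domain1.com.other.example", "GET"));
```

The same function can back the PHP ($_SERVER['HTTP_ORIGIN']) or C# (Request.Headers["Origin"]) variants mentioned in the answers by swapping the lookup of the incoming header.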

You have different hosts. In the first example the host is "Host: www.floowie.com". In the second it is "Host: test1.floowie.com".

I'm guessing that the cookies are originally set by test1.floowie.com and you haven't specified that they should be available to .floowie.com (i.e. the whole domain and all subdomains).

Can you post the code that sets the cookies in the first place?

If you get this fixed, it should at least show consistent behaviour. However, IE will probably still not pass cookies across subdomains. That's what I'm wrestling with at the moment, which is how I came across your question.
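
The cookie scoping this answer points to, as an added example that is not part of the original post: it applies the RFC 6265 domain-match rule to the two Host values from the captures to show which cookies a browser would attach to each. The jar is constructed, and treating FLWSESSID as a host-only cookie set by test1.floowie.com is an assumption taken from the answer's guess; domainMatches and cookiesSentTo are hypothetical names.

```javascript
// Added example: RFC 6265 cookie scoping applied to the two hosts in the captures.
// The jar below is constructed; where FLWSESSID was really set is an assumption.

// RFC 6265 section 5.1.3 domain-match (IP-address hosts are ignored for brevity).
function domainMatches(requestHost, cookieDomain) {
  const host = requestHost.toLowerCase();
  // A leading dot in the Domain attribute is ignored by the browser.
  const domain = cookieDomain.toLowerCase().replace(/^\./, "");
  return host === domain || host.endsWith("." + domain);
}

// A cookie set without a Domain attribute is host-only: it goes back to the
// exact host that set it and to no sibling or parent host.
function cookiesSentTo(requestHost, jar) {
  return jar
    .filter((c) => c.hostOnly
      ? c.domain.toLowerCase() === requestHost.toLowerCase()
      : domainMatches(requestHost, c.domain))
    .map((c) => c.name);
}

const jar = [
  // Assumed: set by test1.floowie.com with no Domain attribute (host-only).
  { name: "FLWSESSID", domain: "test1.floowie.com", hostOnly: true },
  // As in the first capture's response: Set-Cookie ...; domain=.floowie.com
  { name: "SESSID", domain: ".floowie.com", hostOnly: false },
];

// Host from the first capture: the host-only session cookie is not attached.
console.log("www.floowie.com   ->", cookiesSentTo("www.floowie.com", jar));
// Host from the second capture: both cookies are attached.
console.log("test1.floowie.com ->", cookiesSentTo("test1.floowie.com", jar));
```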




