问题描述
尝试将来自second.com的Cookie复制到first.com,并完全控制这两个网域。
Trying to copy a cookie from second.com to first.com, with full control of both domains.
以前使用iFrame,但这不能
Previously an iFrame was used, however this is not able to work across all browsers as it touched on 'third-party cookies' which are hard to implement and impossible in Safari and Chrome.
这种新方法使用了SCRIPT标记指向的方式,可以在所有浏览器中使用到second.com并包含在first.com的HEAD中。服务器端脚本实际上是一块Java,它读取与请求一起发送的Cookie(来自second.com的cookie),返回的JavaScript在first.com上执行,并在本质上复制了cookie。这是工作伟大的所有浏览器,除了IE,其中IE似乎没有发送second.com的Cookie与SCRIPT请求,所以Java不能从第二个收取cookie值。
The new approach uses a SCRIPT tag pointing to second.com and included in the HEAD of first.com. The server-side script is actually a piece of Java which reads the cookies sent with the request (the cookies from second.com) and the JavaScript returned executes on first.com and essentially duplicates the cookie here. This is working great in all browsers except IE, where IE appears to not be sending the second.com cookies with SCRIPT request, so the Java is not able to pickup the cookie value from second.com.
这是肯定与IE的安全设置,当我把隐私的最低水平,它是工作,但我的问题是为什么cookie被阻止?我认为SCRIPT标记不受相同的原始政策(AJAX和其他技术必须遵守)。
This is surely to do with IE security settings as when I put privacy to the lowest level it is working, but my question is why are the cookies being blocked at all? I thought the SCRIPT tag was not subject to the same origin policy (that AJAX and other technologies have to comply with).
任何解决方案,无需遵循P3P隐私政策路线?
Any solution to this without heading down the P3P privacy policy route?
推荐答案
这绝对是IE安全设置,如果你试图这样,你需要设置一个P3P即使在您达到second.com
It's definitely IE security settings, if you're attempting this you'll need to set a P3P compact privacy policy on the page which sets the cookie on first.com, even before you've reached second.com
这篇关于正在复制Cookie跨网域,为什么其他浏览器正在使用SCRIPT标记发送的IE阻止Cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!