Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cookie 方式不能跨域 #50

Open
yanhj93 opened this issue Feb 6, 2020 · 6 comments
Open

cookie 方式不能跨域 #50

yanhj93 opened this issue Feb 6, 2020 · 6 comments

Comments

@yanhj93
Copy link

yanhj93 commented Feb 6, 2020

hello, 源码中cookie domain不设置, 但web规范set-cookie中domain为空时会默认为当前访问的主机地址. 那请问多域名下cookie是如何跨域的
@yangxing19930210
Copy link

本身支持跨域,是通过cookis回写的方式

@zsq963092066
Copy link

你好,我本地访问47.99.132.21的sso-server,返回的cookic的session的dimain是47.99.132.21,我本地再访问自己服务时,校验获取cookic的时候,获取不到cookic信息,怎么解决这cookic跨域问题

@yangxing19930210
Copy link

你好,我本地访问47.99.132.21的sso-server,返回的cookic的会话的dimain是47.99.132.21,我本地再访问自己的服务时,恢复获取cookic的时间,获取不到cookic信息,怎么解决这cookic跨域问题
要通过访问本地服务跳转到47.99.132.21,才会回写token,然后跳转本地,本地解析后,读取redis的信息到重写到本地cookis,

@zsq963092066
Copy link

我是本地访问自己服务没有权限 跳转47.99.132.21的sso-server, 进入到47的登录界面, 这时候本地是有cookic的,domain的地址是47的地址. 登录成功重定向到我本地服务之前访问地址, 但是这时候会经过我本地的过滤器嘛,这个时候会校验信息, 可是这时本地cookic还没有写入,只有47的cookic信息,导致获取cookic为null,然后陷入死循环了,

@yangxing19930210
Copy link

用浏览器看看前端,看看报错没有,可能是因为浏览器的策略引起的,去年谷歌更新了策略,限制了cookis的跨域读取

@zsq963092066
Copy link

解决了,他的代码不单单是读取cookic获取sessionId去校验, 再跳转回来的时候,他还读取了请求链接上面的sessionId,并回写入本地Cookic中.我拆他项目时,没有留意只获取cookic, 没有获取链接上面的seesinId回写到本地cookic,所以就陷入死循环了

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@yangxing19930210 @yanhj93 @zsq963092066