1

现在我正在使用 play framework 2.3,如何在 cors(跨域)上共享 cookie 我在端口 localhost:9000 上有播放应用程序,我想将 cookie 共享给在 localhost:5000 上运行的客户端客户端无法获取我尝试使用的 cookie在播放框架应用程序中:

response().setCookie(AUTH_TOKEN, authToken); //with setting on application.conf (session.domain="http://localhost:5000") cookies sent but cannt read by javascipt /failed
response().setCookie(AUTH_TOKEN, authToken,10000,"localhost:5000","/"); //fail
response().setCookie(AUTH_TOKEN, authToken,10000,"127.0.0.1:5000","/*"); //fail
response().setCookie(AUTH_TOKEN, authToken,10000,"127.0.0.1:5000","/*"); //fail

这是对 chrome 的回应:

Remote Address:127.0.0.1:9000
Request URL:http://localhost:9000/common/login
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,id;q=0.6,ms;q=0.4
Connection:keep-alive
Content-Length:33
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Host:localhost:9000
Origin:http://localhost:5000
Referer:http://localhost:5000/index-login.html
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36
Form Dataview sourceview URL encoded
username:adilramdan
password:1234
Response Headersview source
Access-Control-Allow-Headers:X-Requested-With, Content-Type, X-AUTH-TOKEN
Access-Control-Allow-Origin:*
Content-Length:52
Content-Type:application/json; charset=utf-8
Set-Cookie:authToken=8cd7d5cc-600a-42a0-ab79-d7ff2b4f71b0; Expires=Tue, 15 Jul 2014 02:30:09 GMT; Path=/

<--------COOKIES 在响应服务器上可用,但 JAVA 脚本客户端说没有找到 COOKIES

如何正确的方式?任何人都可以帮助我吗?

4

1 回答 1

0

您可能需要使用 Access-Control-Allow-Credentials 标头。如果您使用 AJAX/JQuery,则必须设置

withCredentials = true

在您的要求中。服务器还必须使用标头响应

Access-Control-Allow-Credentials: true

请注意,如果您这样做,您必须为Access-Control-Allow-Origin. 如果是通配符,浏览器将不接受Access-Control-Allow-Credentials标头。Access-Control-Allow-Origin

请参阅此处的资源:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Access-Control-Allow-Credentials

http://www.html5rocks.com/en/tutorials/cors/

于 2014-08-11T18:50:31.973 回答