0
我在本地機器上運行2個網站。 (通過主機文件配置的名稱)。CORS問題與jQuery和餅乾的子域
- cf2.localhost.net(laravel)
- cf2wp.localhost.net(WordPress的)
當用戶登錄到WordPress他們從.localhost.net餅乾,當他們加載他們在laravel網站上的頁面也收到了這些cookie數據。
當我嘗試做一個jQuery Ajax請求,不過Cookie不會發送
使用Chrome工具,我驗證過:
- 請求http://cf2.localhost.net/home發送WordPress的餅乾到服務器
的CORS預檢返回OK與
Access-Control-Allow-Credentials:true Access-Control-Allow-Headers:Authorization, Content-Type Access-Control-Allow-Methods:OPTIONS, GET, POST, PUT, PATCH, DELETE Access-Control-Allow-Origin:http://cf2.localhost.net Access-Control-Expose-Headers:X-WP-Total, X-WP-TotalPages Connection:Keep-Alive Content-Length:5166 Content-Type:application/json; charset=UTF-8 Date:Thu, 25 May 2017 06:30:36 GMT Keep-Alive:timeout=5, max=100 Link:<http://cf2wp.localhost.net/wp-json/>; rel="https://api.w.org/" Server:Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/7.1.1 Vary:Origin X-Content-Type-Options:nosniff X-Powered-By:PHP/7.1.1 X-Robots-Tag:noindex
但是接下來發出的請求沒有設置wordpress cookie。它只有從cf2.localhost.net
Accept:application/json, text/javascript, */*; q=0.01 Accept-Encoding:gzip, deflate, br Accept-Language:en-GB,en-US;q=0.8,en;q=0.6 Connection:keep-alive Content-Length:27 Content-Type:application/json; charset=UTF-8 Cookie:jenkins-timestamper-offset=-28800000; olfsk=olfsk19949676680174977; hblid=HFZEjdNeyuKRupkV3m39N0H8REA26ar9; _ga=GA1.1.1566562504.1495496019; io=qjc8cwjKxij4G9ggAAAA Host:localhost Origin:http://cf2.localhost.net Referer:http://cf2.localhost.net/home User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
任何想法是怎麼回事加密laravel的呢?
您在Cookie上指定了哪個域名?您需要設置「domain = localhost.net」,以使其在兩個子域 –
@RoryMcCrossan - .localhost.net上可用。當我們請求頁面時,這個cookie確實發送到laravel服務器。只是當我做阿賈克斯調用 – FloatingKiwi