尽管我有Set-Cookie作为响应,但浏览器未设置cookie
[英]Browsers are not setting cookies although I have Set-Cookie in response
问题描述
I have an api endpoint for static S3 hosted site. 
我有一个用于静态S3托管站点的api端点。 The S3 site lives on the domain name: www.mysite.com S3网站使用域名:www.mysite.com
My api (django) runs on the site the domain name: api.mysite.com 我的api(django)在站点上运行的域名是:api.mysite.com
When I use my login button on my site and sign in using proper username/password django sends back response with a Set-Cookie but the browser doesn't set any cookies. 当我在网站上使用登录按钮并使用正确的用户名/密码登录时,django使用Set-Cookie发送回响应,但浏览器未设置任何cookie。 You can see the full response below, 您可以在下面看到完整的回复,
Request URL:http://api.mysite.com:8000/api/form/login/
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:no-cache
Connection:keep-alive
Content-Length:46
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Host:api.mysite.com:8000
Origin:http://mysite.com
Pragma:no-cache
Referer:http://mysite.com/eventform.html
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.22 (KHTML, like Gecko) Ubuntu Chromium/25.0.1364.160 Chrome/25.0.1364.160 Safari/537.22
Form Dataview sourceview URL encoded
token:68f4ebd02c0e1915d3e3110a04fccb0ab670aeab
Response Headersview source
Access-Control-Allow-Origin:*
Content-Type:text/html; charset=utf-8
Date:Mon, 13 May 2013 22:21:54 GMT
Server:WSGIServer/0.1 Python/2.7.3
Set-Cookie:sessionid=3kn2hovtweeofalf00ld3lowb6yvete; Domain=.mysite.com; expires=Mon, 27-May-2013 22:21:54 GMT; Max-Age=1209600; Path=/
Vary:Cookie
note the line Set-Cookie:sessionid=3kn2hovtweeofalf00ld3lowb6yvete; Domain=.mysite.com; expires=Mon, 27-May-2013 22:21:54 GMT; Max-Age=1209600; Path 注意这行Set-Cookie:sessionid=3kn2hovtweeofalf00ld3lowb6yvete; Domain=.mysite.com; expires=Mon, 27-May-2013 22:21:54 GMT; Max-Age=1209600; Path Set-Cookie:sessionid=3kn2hovtweeofalf00ld3lowb6yvete; Domain=.mysite.com; expires=Mon, 27-May-2013 22:21:54 GMT; Max-Age=1209600; Path Set-Cookie:sessionid=3kn2hovtweeofalf00ld3lowb6yvete; Domain=.mysite.com; expires=Mon, 27-May-2013 22:21:54 GMT; Max-Age=1209600; Path =/ Set-Cookie:sessionid=3kn2hovtweeofalf00ld3lowb6yvete; Domain=.mysite.com; expires=Mon, 27-May-2013 22:21:54 GMT; Max-Age=1209600; Path = /
In Django I have the SESSION_COOKIE_DOMAIN = '.mysite.com' 在Django中,我有SESSION_COOKIE_DOMAIN ='.mysite.com'
but I've tried changing it to 'mysite.com' and '' neither of which has allowed my browser to set this returned cookie. 但我尝试将其更改为“ mysite.com”和“”,但这两个均未允许我的浏览器设置此返回的Cookie。
www.msyite.com is a static site hosted on Amazon S3 but I'm using Django as my api/backend for data. www.msyite.com是托管在Amazon S3上的静态站点,但是我使用Django作为数据的api /后端。
When I render my login pages using Django they work just fine (login/logout cookies and sessions all work fine, so I know it's not my django code) but when using S3 or even a python SimpleHTTPServer the browser doesn't set the returned cookie. 当我使用Django渲染登录页面时,它们工作得很好(登录/注销cookie和会话都可以正常工作,因此我知道这不是我的django代码),但是当使用S3甚至是python SimpleHTTPServer时,浏览器都不会设置返回的cookie 。
Thanks in advance! 提前致谢!
1 个解决方案
解决方案1
0 2013-05-13 22:57:47
AFAIK the purpose of a static S3 site is to not set/accept any cookies at all? AFAIK静态S3网站的目的是根本不设置/接受任何cookie?
We're using that for static content like images in order to get rid of all that cookie stuff and not have the overload in the request during image or CSS requests. 我们将其用于图像之类的静态内容,以消除所有Cookie内容,并且在图像或CSS请求期间请求中不会出现过载。
And: S3 is not a usual web server, it behaves very different, RTM is highly recommended. 并且:S3不是普通的Web服务器,它的行为非常不同,强烈建议使用RTM。 It's weired, true, but the answer I distilled from this thread Can S3 set a user cookie? 很奇怪,是真的,但是我从该线程中提取的答案S3可以设置用户cookie吗? is just "No." 只是“不”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.