PHP跨域Cookie-静态子域除外
[英]php cross domain cookie - except static subdomain
问题描述
I have a website with n number of sub-domains, and one reserved for static content. 
我有一个拥有n个子域的网站,并且为静态内容保留了一个。 I need to set up a cookie across all sub-domains except the static sub-domain. 我需要跨除静态子域之外的所有子域设置Cookie。 My home-page is on a sub-domain-less (domain.lk) manner. 我的主页采用无子域(domain.lk)的方式。 It is possible to route it to www.domain.com if necessory 如有必要,可以将其路由到www.domain.com
It is more important to keep the static sub-domain cookie free. 保持静态子域Cookie的空闲更为重要。
I have tried the following line of code before reading cookies 在读取Cookie之前,我已经尝试了以下代码行
ini_set('session.cookie_domain', 'domain.lk');
and 和
ini_set('session.cookie_domain', 'www.domain.lk');
That line was present only on dynamic sub-domains. 该行仅出现在动态子域上。 But it didn't work. 但这没有用。 Cookie was not accessible from different sub-domains. 无法从其他子域访问Cookie。
My static sub-domain is hard coded in to many contents (database records), therefor changing that is not a good option. 我的静态子域被硬编码为许多内容(数据库记录),因此更改不是一个好的选择。
1 个解决方案
解决方案1
1 已采纳 2013-07-12 16:27:49
There's no means of setting a domain level cookie and making it not visible on given sub-domain. 无法设置域级别的Cookie,并使它在给定的子域中不可见。 (You will however need to prefix the domain with a period as such...) (但是,您将需要在域名前加上句号...)
ini_set('session.cookie_domain', '.domain.lk');
However, if the static domain doesn't require cookies (or indeed presumably the existence of PHP at all), the fact that this cookie doesn't exist shouldn't be an issue. 但是,如果静态域不需要cookie(或者实际上根本就不需要PHP),那么不存在此cookie的事实就不会成为问题。
That said, you should be able to overcome this using the mod_headers Apache module on the given sub-domain (so that it's not transmitted to the browser client) via... 也就是说,您应该能够通过以下方式在给定的子域上使用Apache的mod_headers Apache模块来克服这一问题(这样它就不会传输到浏览器客户端):
RequestHeader unset Set-Cookie
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.