简体繁体 English

用户在关闭浏览器时在IE中登出

[英]User Getting Logged out in IE when closing browser

原文 2015-06-07 23:04:54 5 1 internet-explorer/ session/ cookies/ p3p

I am running a Drupal 7 site and am noticing a problem on IE9, when the browser window is closed the user is logged out. 我正在运行Drupal 7站点，并注意到IE9上的问题，当浏览器窗口关闭时，用户已注销。 We have "remember me" module enabled and the cookie is set to not expire. 我们启用了“记住我”模块，并且cookie设置为不过期。 There is no issue on Chrome or any other browser, you can close browser and when you open it the user is still logged in. I do not not see this problem on any other D7 website I run using this same browser and computer. 在Chrome或任何其他浏览器上没有问题，您可以关闭浏览器，当您打开它时，用户仍然登录。我在使用同一浏览器和计算机运行的任何其他D7网站上都没有看到此问题。 The host is Blackmesh. 主持人是Blackmesh。

settings.php has $cookie_domain = '.mydomain.com'; I am thinking of changing this to $cookie_domain = 'www.mydomain.com'; 我想把它$cookie_domain = 'www.mydomain.com'; as the site always redirects to www this makes sense to me and is what me and my sys admin friend agree on. 因为网站总是重定向到www这对我来说是有意义的，是我和我的系统管理员朋友达成一致的。

One potential solution I am thinking about is setting cookie domain in settings.php $cookie_domain = 'www.mydomain.com'; 我正在考虑的一个潜在解决方案是在settings.php $cookie_domain = 'www.mydomain.com';设置cookie域settings.php $cookie_domain = 'www.mydomain.com';

I am noticing there are some cookies on the site being served from www.my domain and some from .mydomain 我注意到网站上有一些cookie来自www.my域名，一些来自.mydomain

I found some threads that seem to have vaguely similar problems. 我发现一些似乎有类似问题的线程。

http://forums.modx.com/thread/76947/ie-login-issue-with-www-vs-non-www-address http://forums.modx.com/thread/76947/ie-login-issue-with-www-vs-non-www-address

https://www.drupal.org/node/280623 https://www.drupal.org/node/280623

1 个解决方案

There shouldn't be any issue with the cookie domain being .mydomain.com instead of www.mydomain.com because cookies set on the root domain should work properly on any "subdomain" such as www, though it wouldn't hurt to try because it's simple to change. cookie域名应该是.mydomain.com而不是www.mydomain.com应该没有任何问题，因为在根域上设置的cookie应该可以在任何“子域”（例如www）上正常工作，尽管尝试不会受到影响因为它很容易改变。

Depending on the cookie privacy settings in IE, it might be that the cookie is not getting saved for this site if a proper P3P header isn't being sent. 根据IE中的cookie隐私设置，如果没有发送正确的P3P标头，可能是该站点没有保存cookie。 For testing I'm pretty sure you could use p3p: CP="CAO PSA OUR" (so in .htaccess put Header set P3P 'CP="CAO PSA OUR"'. I don't know what the correct P3P would be for your case if this is in fact the issue, but this was one that I've seen work for a different "only IE is blocking cookies" issue. You might need to research it a little if this doesn't work. 为了测试，我很确定你可以使用p3p：CP =“CAO PSA OUR”（所以在.htaccess中将Header设置为P3P'CP =“CAO PSA OUR”'。我不知道正确的P3P是什么你的情况，如果这实际上是问题，但这是我见过的工作为一个不同的“只有IE阻止cookie”问题。如果这不起作用你可能需要研究一下。

If this is the issue, then for using it in production make sure it truthfully represents your privacy policy (check out http://www.techrepublic.com/blog/software-engineer/craft-a-p3p-policy-to-make-ie-behave/ ). 如果这是问题，那么在生产中使用它确保它真实地代表您的隐私政策（请查看http://www.techrepublic.com/blog/software-engineer/craft-a-p3p-policy-to-make - 表现/ ）。

A hint that cookies are being blocked is if you see a privacy eye icon in the status bar (if I recall correctly I think it looks like http://divabradford.org.uk/media/36647/ie_privacy.jpg ). 如果您在状态栏中看到隐私眼图标（如果我没记错的话，我认为它看起来像http://divabradford.org.uk/media/36647/ie_privacy.jpg ），暗示cookie被阻止了。