未在 Ajax 请求中设置第三方 cookie
[英]Third-party cookie not set on Ajax request
问题描述
When visiting foo.com the response of an Ajax GET request to bar.co.at includes this response header:
当访问foo.com ,对bar.co.at的 Ajax GET 请求的响应包含以下响应头:
Set-Cookie: PHPSESSID=i39mm1u7jh4tr7pmebue1k7abc;
expires=Thu, 19-Nov-2020 20:34:40 GMT;
Max-Age=3600;
path=/;
domain=.bar.co.at;
secure;
HttpOnly;
SameSite=none
A subsequent Ajax POST request to bar.co.at does not include any cookie header.对bar.co.at后续 Ajax POST 请求不包含任何cookie标头。 But I need this header for having a session on bar.co.at .但是我需要这个标题才能在bar.co.at上进行会话。
Maybe that could be related to CORS somehow, or maybe to the cookie name PHPSESSID ?也许这可能以某种方式与 CORS 相关,或者可能与 cookie 名称PHPSESSID ?
(It's the same on Firefox and Chrome 86.0.4240.111) (在 Firefox 和 Chrome 86.0.4240.111 上是一样的)
1 个解决方案
解决方案1
1 已采纳 2021-02-25 12:07:11
Seems like it is Third Party Anti Tracking (TPT) policy.似乎这是第三方反跟踪 (TPT) 政策。 So from this time, browser will not send cookies to third party domains from your domain.因此,从此时起,浏览器将不会从您的域向第三方域发送 cookie。
https://blog.mozilla.org/blog/2019/09/03/todays-firefox-blocks-third-party-tracking-cookies-and-cryptomining-by-default/ https://blog.mozilla.org/blog/2019/09/03/todays-firefox-blocks-third-party-tracking-cookies-and-cryptomining-by-default/
Some options to how you can resolve it you can find here : https://webkit.org/blog/10218/full-third-party-cookie-blocking-and-more/您可以在此处找到有关如何解决它的一些选项: https : //webkit.org/blog/10218/full-third-party-cookie-blocking-and-more/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.