嵌入在 iframe 中的网站可以读取父网站 cookie 吗?
[英]Can websites that is embedded in an iframe, reads parent website cookie?
问题描述
I have a html page where there is an iframe added.
我有一个 html 页面,其中添加了一个 iframe。 Inside that iframe i have loaded another html page.在 iframe 中,我加载了另一个 html 页面。 Both are different domains.两者是不同的域。 Now can the iframe website read the cookies of its parent website?现在 iframe 网站可以读取其父网站的 cookie 了吗? If not then how can i make the iframe wesbite read its parent website cookie?如果没有,那么如何让 iframe wesbite 读取其父网站 cookie?
1 个解决方案
解决方案1
0 2021-06-21 22:36:42
Of course not, a cookie is bound to a domain.当然不是,cookie 绑定到域。 Imagine if advertisers could retrieve the session cookie in every page their ads are embedded in.想象一下,如果广告商可以在他们的广告嵌入的每个页面中检索会话 cookie。
The parent page has to provide the cookie of his own accord to an iframe , (ideally with postMessage ) but an iframe is not able to retrieve the parent cookie on its own.父页面必须根据自己的意愿向iframe提供 cookie(最好使用postMessage ),但iframe无法自行检索父 cookie。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.