IE9第三方要求的单独cookie
[英]IE9 Separate cookies for third party request
问题描述
Even though my P3P headers are correct, IE9 seems to hold a separate list for third party requests. 
即使我的P3P标头正确,IE9似乎也为第三方请求保存了单独的列表。
I've added the following P3P 我添加了以下P3P
header('P3P:CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT", policyref="http://domain/w3c/p3p.xml"')
Of course with domain properly set. 当然要正确设置域。 It's created by the IBM tool. 它是由IBM工具创建的。 Next to that I've created the p3p xml file and tested it with p3p validation. 接下来,我创建了p3p xml文件,并使用p3p验证对其进行了测试。
Once I call a test file stating nothing more then 一旦我打电话给测试文件,说明什么都没有,那么
<?php
header ('P3P:CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT", policyref="http://padrichem.ds1.nl.dev/w3c/p3p.xml"');
session_start();
var_dump($_COOKIE);
It says $_COOKIE is empty, refresh and it says $_COOKIE[PHPSESSID] = 'id' 它说$ _COOKIE为空,请刷新,并说$ _COOKIE [PHPSESSID] ='id'
Now I call the same file from a remote location within an iframe it says $_COOKIE is empty, refresh and it says $_COOKIE[PHPSESSID] = 'DIFFERENT id' 现在,我从iframe中的远程位置调用同一文件,说$ _COOKIE为空,刷新后说$ _COOKIE [PHPSESSID] ='DIFFERENT id'
When I disable protected mode this isn't the case. 当我禁用保护模式时,情况并非如此。 Yet it also isn't the case on all domains. 但是,并非在所有域中都如此。
On the harddrive I can only find the cookies set by the iFrame (third-party) call. 在硬盘驱动器上,我只能找到由iFrame(第三方)调用设置的cookie。
Does anyone have any idea why this would occur? 有谁知道为什么会这样?
1 个解决方案
解决方案1
0 2013-05-02 04:19:35
You issue is most probably because of how IE treats cookies in cross-zone scenarios: 您出现问题的原因很可能是IE在跨区域方案中如何对待Cookie:
Refer to the followings: 请参阅以下内容:
IE9 - asp.net cannot access cookie created for my domain by third party site IE9-asp.net无法访问第三方网站为我的域创建的Cookie
Beware Cookie Sharing in Cross-Zone Scenarios 当心跨区域方案中的Cookie共享
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.