我正在我的网页http://vista.local/上加载javascript。该脚本向Web服务http://api.vista.local/sessions发送POST请求,该请求设置cookie在响应中设置
Accept-Ranges:bytes
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:Accept, Origin, Content-Type, Cookie
Access-Control-Allow-Methods:GET,POST
Access-Control-Allow-Origin:http://vista.local
Age:0
Cache-Control:public, max-age=1
Connection:keep-alive
Content-Length:36
Content-Type:application/json
Date:Sun, 23 Aug 2015 06:00:45 GMT
Server:Apache-Coyote/1.1
Set-Cookie:vista-session=c07c4d25-5c6e-47a3-9bbc-60f7d122075a;Domain=.vista.local;Path=/;HttpOnly
Set-Cookie:vista-loggedin=true;Domain=.vista.local;Path=/;
Set-Cookie:vista-user-email=vista1839@yahoo.com;Domain=.vista.local;Path=/;HttpOnly
Set-Cookie:vista-session-dummy=c07c4d25-5c6e-47a3-9bbc-60f7d122075a;Version=1
Set-Cookie:vista-secured-session=08239195-e95e-4f42-adeb-5d9c745ca853;Domain=.vista.local;Path=/;Secure;HttpOnly
Vary:Accept-Encoding,User-Agent
X-UA:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.99 Safari/537.36
我尝试了不同类型的Cookie .. HttpOnly,非HttpOnly没有域名,有域名。什么都行不通。
我要求的JS / JQuery代码
function login(formdata) {
$.ajax({
url : api.sessions,
method : "POST",
data : JSON.stringify(formdata),
dataType : 'text',
contentType: 'application/json',
success : function(data) {
console.log("yeeeii")
},
error: function(jqXHR, textStatus, errorThrown) {
$(".error").html(textStatus);
}
});
}
答案 0 :(得分:7)
设置withCredentials
...
method : "POST",
xhrFields: {
withCredentials: true
},
...