当客户端具有指定的端口chrome时,未设置跨域cookie

时间:2015-09-25 16:25:58

标签: google-chrome cookies cors

有两个域:client.com和cookies.com。 Client.com提供文件:

<!DOCTYPE html>
<html>
<head>
    <title>Requester</title>
</head>
<body>
    <script>
        var request = new XMLHttpRequest();
        request.withCredentials = true;
        request.open("POST", 'http://cookies.com');
        request.send();
    </script>
</body>
</html>

并且cookies.com提供文件

<?php
    header('Access-Control-Allow-Origin: http://client.com');
    header('Access-Control-Allow-Credentials: true');
    $i = 0;
    setcookie('A' . $i++, 'B', time() + 24 * 60 * 60, '/', '', false, false);
    setcookie('A' . $i++, 'B', time() + 24 * 60 * 60, '/', '.client.com', false, false);

设置好的饼干,大家都很开心。但现在,client.com必须从client.com:3000提供服务,因此cookies.com代码将变为

<?php
    header('Access-Control-Allow-Origin: http://client.com:3000');
    header('Access-Control-Allow-Credentials: true');
    $i = 0;
    setcookie('A' . $i++, 'B', time() + 24 * 60 * 60, '/', '', false, false);
    setcookie('A' . $i++, 'B', time() + 24 * 60 * 60, '/', '.client.com', false, false);
    //Just for test, but cookies don't accept ports... don't they?
    setcookie('A' . $i++, 'B', time() + 24 * 60 * 60, '/', '.client.com:3000', false, false);

似乎firefox接受域特定的cookie,但chrome不会。

为什么?

0 个答案:

没有答案
相关问题
最新问题