ionic3 / angular5:Safari API调用不发送带有问题的sessionid cookie:true

时间:2018-03-22 10:18:57

标签: angular ionic-framework cookies safari mobile-safari

我一直在苦苦挣扎一段时间,我想知道这里是否有人可以提供帮助。

我有一个正在访问外部API的离子3 / angular 5应用程序。登录后,服务器正在发送一个会话ID,我用它来验证所有后续数据调用。 Chrome和Android工作正常。 Safari和iOS不是。

我服务中的登录代码很简单:

public login(credentials): Observable<Object> {
    let httpParams = this.httpParams;
    for (let key in credentials){ httpParams = httpParams.set(key, credentials[key])};
    return this.httpClient.post(this.url + this.loginEndpoint, httpParams, { withCredentials: true });
}

当它被召唤时:

this.authServiceProvider.login({username: this.username, password: this.password}).subscribe(data => {
    <display logged in page>
});

但是当我再次调用dataProvider时,Safari正在服务器上实例化一个新会话,即。不从之前的请求发送会话ID cookie。

CORS正在发挥作用。以下是我的服务器发送的标头,包括cookie。

access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-origin: http://localhost:8100
content-encoding: gzip
content-length: 95
content-type: text/javascript
date: Wed, 21 Mar 2018 15:55:50 GMT
server: Apache-Coyote/1.1
set-cookie: JSESSIONID=BE1997D948436D29A90DA24DC518E29F; Path=/api/; HttpOnly
status: 200
vary: Origin,Accept-Encoding

以下是Chrome根据以下请求发送的标头:

:authority: api.com
:method: POST
:path: /api/login.jsp
:scheme: https
accept: application/json, text/plain, */*
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
content-length: 283
content-type: application/x-www-form-urlencoded;charset=UTF-8
cookie: JSESSIONID=BE1997D948436D29A90DA24DC518E29F; _ga=GA1.2.744976386.1521627198; _gid=GA1.2.533597894.1521627198
origin: http://localhost:8100
referer: http://localhost:8100/?ionicplatform=android&http://localhost:8100/ionic-lab
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36

以下是Safari为第二个请求发送的标头:

Referer: http://localhost:8100/?ionicplatform=android&http://localhost:8100/ionic-lab
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Origin: http://localhost:8100
Host: api.com
Accept: application/json, text/plain, */*
Connection: keep-alive
Accept-Language: en-us
Accept-Encoding: br, gzip, deflate
Content-Length: 283
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7

如果我进入Safari的首选项并取消选中Security&gt;网站跟踪&gt;防止跨站点跟踪,一切都按预期工作。 Safari发送cookie。

Referer: http://localhost:8100/?ionicplatform=android&http://localhost:8100/ionic-lab
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Origin: http://localhost:8100
Host: api.com
Accept: application/json, text/plain, */*
Connection: keep-alive
Accept-Language: en-us
Accept-Encoding: br, gzip, deflate
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7
Cookie: JSESSIONID=32D79DD5171A6B82783252CE22E55083
Content-Length: 283

但显然这不是iOS应用程序用户的解决方案。

任何人都有这方面的经验吗?多年来我发现很多人都有类似的问题,但大多数解决方案都没有对我有用

非常感谢任何帮助!如果您需要更多信息,请告诉我。

1 个答案:

答案 0 :(得分:0)

尝试使用此CORDOVA PLUGIN

这应解决问题