Set-cookie asp.net_sessionId在登录响应时存在,但是Asp.net sessionId在第二个iframe src请求中有所不同:(
这是关于CORS的问题吗?我该如何解决?
登录请求
请求: http://10.215.147.180:8080/Webshell/Home/Login 开机自检 引荐来源:http://localhost:4200/authentication/login
回复: set-cookie:ASP.NET_SessionId = lgepjmyn4kgml5qaa3eg5fur;路径= /; HttpOnly 设置cookie:ASP.NET_SessionId = lgepjmyn4kgml5qaa3eg5fur; expires =星期四,18-Jul-2019 02:32:23 GMT;路径= /; HttpOnly 的Set-Cookie:AuhtenticationCookieName = Qmp00tyk_Y2txvq-Z-VkjhcYJJkOInIHQFMR2-L6uW0wuk8PeMfceTHI5CpvPS2iE-f6tlb8qsWibzUhZA33JQVtRkYOMGr9vuGgZEkyUu2yllMTb-5_I97qzLcndcT9qbS67PKPWUllBK9V3nubtXG21wAe4XVpJMgNBgYdug2XuMzsaeqT3vq64-iH8KaFhOcYoX_qC8B1J-DNcYBcG7QIATm1uz_O1LhBS7U65CEgiveIdt7GOO9zGEErqSitxJDwUjJUHrPnTaWgwTIJP2G8CwrrDsSSWeGCzJhd6uEOiiAR82-CHCzqtjOu-qoTP6WsjfVFr-7Httz0dNuKs1O6o5tEpXTbvFwgHHDL-8lN9pJyW5aUmvNNWuvcn3Sd77L5sHnlahxX-1alPMpTig;路径= /; expires =星期三,2019年7月17日14:52:23 GMT; HttpOnly x-aspnetmvc版本:5.2 x-aspnet版本:4.0.30319 x源文件:=?UTF-8?B? x技术支持:ASP.NET x-content-type-options:nosniff access-control-allow-origin:http://localhost:4200 访问控制允许标题:Content-Type access-control-allow-credentials:是
iframe Src请求 http://10.215.147.180:8080/singlesignon/tabsignon
主机:10.215.147.180:8080 Cookie:ASP.NET_SessionId = ldedb4oynvhrpw4wac5lirzd 推荐人:http://localhost:4200/shell/apps 升级不安全请求:1
答案 0 :(得分:0)
我使用“ withCredentials:true”解决了这个问题