PHP中的AWS Cloudfront SetCookie [英] AWS Cloudfront SetCookie in PHP
问题描述
我正在尝试设置cookie以查看来自AWS Cloudfront的私有内容
I am trying to set a cookie to view private content from AWS Cloudfront
他们给出了一个示例Cookie标头:
They give an example cookie header:
Set-Cookie: Domain=d111111abcdef8.cloudfront.net; Path=/; Secure; HttpOnly; CloudFront-Key-Pair-Id=APKA9ONS7QCOWEXAMPLE
我创建了以下php代码
I created the following php code
setcookie (
'CloudFront-Key-Pair Id',
'MYID',
0,
'/',
'mycloudfrontsub.cloudfront.net',
true,
true
);
但未设置cookie。仅当我取出域名时才设置cookie。
But the cookie is not set. The cookie is only set if I take out the domain name.
我认为这是由于session_start之后在脚本中调用setcookie所致。我尝试添加它,但在session_start()
I think this is due to calling the setcookie in a script after session_start. I tried adding this, but it's required before session_start()
session_set_cookie_params(0, '/', 'duvoxso6rm38g.cloudfront.net);
我需要做这样的事情吗?
Do I need to do something like this?
//close local session, then open new one for aws
$id=SID;
session_write_close();
session_set_cookie_params(0, '/', 'mysub.cloudfront.net');
session_start();
setcookie(...);
session_write_close();
session_set_cookie_params(0, '/', 'originaldomain.com');
session_start();
推荐答案
cookie不会显示在浏览器中,因为您发送来自域B的域A的Cookie。出于安全原因,浏览器会静默忽略它。这是浏览器功能,而不是PHP。
The cookies do not show up in the browser because you send a cookie for a domain A from domain B. That is silently ignored by the browsers for security reasons. This is a browser feature not a PHP thing.
如果要在CloudFront中使用签名的cookie,则需要使用CNAME作为CloudFront发行版的子域PHP服务器域。可以在以下位置找到更详细的答案: https://mnm.at/markus/2015/04/05/serving-private-content-through-cloudfront-using-signed-cookies/
If you want to use signed cookies with CloudFront you need to use a CNAME for the CloudFront distribution that is a subdomain of you PHP server domain. A more detailed answer can be found under: https://mnm.at/markus/2015/04/05/serving-private-content-through-cloudfront-using-signed-cookies/
简而言之:假设您要使用域 example.com 。您可以在 www.example.com 下提供PHP文件。然后,您可以将CNAME media.example.com 用于d111111abcdef8.cloudfront.net。要将Cookie从PHP端发送到CloudFront服务器,您需要在Cookie中使用域 example.com 。
In short: assume you want to use the domain example.com. You serve the PHP files under www.example.com. Then you can use the CNAME media.example.com for the d111111abcdef8.cloudfront.net. To send the cookies from the PHP side to the CloudFront Server you need to use the domain example.com in the Cookie.
参考站点还会注意到您应该使用PHP函数 header()发送cookie,而不是 setcookie()。这是因为setcookie函数执行的某些编码破坏了网站上提到的函数创建的唱歌参数。
The referenced site does also notice that you should use the PHP function header() to send the cookie, not setcookie(). This is because the setcookie function does some encoding that ruins the singing parameter created with the functions mentioned on the site.
这篇关于PHP中的AWS Cloudfront SetCookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
