在iframe中使用RedirectToAction之后,将重置ASP.NET MVC会话 [英] ASP.NET MVC Session gets reset after using RedirectToAction within iframe
问题描述
我有一个ASP.NET MVC应用程序(例如App_A)和另一个ASP.NET应用程序(例如App_B). App_B具有一个可在其中加载App_A的iframe.
I have an ASP.NET MVC application (say, App_A) and another ASP.NET application (say, App_B). App_B has an iframe that loads App_A within it.
App_B上的代码如下所示:
iframe.Attributes["src"] = frameURL;
其中frameURL是一个变量,包含指向App_A的链接.
The code on App_B looks something like this:
iframe.Attributes["src"] = frameURL;
where frameURL is a variable containing a link to App_A.
当iframe加载URL并调用App_A上的index()方法时,我正在会话Session["CartID"] = 373895中设置一个值,而我正在使用RedirectToAction("Shipping").但是在Shipping()操作方法中,会话似乎是null.设置会话变量并调用RedirectToAction()的代码位于iframe中.
When the iframe loads the URL and the index() method on App_A gets invoked, I'm setting a value in session Session["CartID"] = 373895 and I'm using RedirectToAction("Shipping"). But within the Shipping() action method, the session seems to be null. The code that sets the session variable and calls RedirectToAction() are within the iframe.
我之前在Safari浏览器中遇到的类似问题:
过去两年来,它一直运行良好,没有任何问题.以前,我在Safari浏览器上只有CORS问题.由于父窗口和iframe上的网站来自不同的域,因此重定向后,由于重置,我无法在iframe中保留会话值.要在Safari上解决此问题,我必须在父窗口上加载iframe网站(App_A),设置Cookie,然后重定向回父网站,然后在iframe中再次加载App_A.这使我即使在重定向后也可以保留会话值.既然我在Chrome,Firefox和Microsoft Edge上都有类似的问题,我尝试了与Safari相同的修复程序(如上所述),但是我仍然无法在Chrome和其他浏览器上保留会话值.
This has been working fine for the past 2 years without any issues. Previously, I was only having CORS issue on Safari browser. Since the websites on the parent window and the iframe were from different domains, I was not able to retain session values within iframe after redirection as it was getting reset. To fix this on Safari, I had to load the iframe site (App_A) on the parent window, set a cookie and then redirect back to the parent website and load App_A within iframe again. This allowed me to retain session values even after redirection. Now that I have a similar issue on Chrome, Firefox and Microsoft Edge, I tried the same fix that worked for Safari (as described above) but I'm still unable to retain session values on Chrome and other browsers.
一些调试信息:
我尝试调试此问题,并在Global.asax文件中添加了Session_Start()方法,该方法在调用RedirectToAction("Shipping")之前和之后均被击中两次. SessionID在调用RedirectToAction("Shipping")之前和之后也有所不同.
I tried debugging this and I added Session_Start() method to the Global.asax file and it gets hit twice, once before and once after calling RedirectToAction("Shipping"). The SessionID is also different before and after calling RedirectToAction("Shipping").
仅当我从本地计算机运行App_A时,才会发生此问题.当我在我们的生产站点中尝试时,它可以正常工作而没有任何问题.另外,当我在父窗口上加载App_A时,它会保留会话值,而不会出现任何问题.也就是说,在App_B上,我用Response.Redirect(frameURL);替换了storefrontiframe.Attributes["src"] = frameURL;,并且当App_A加载到新窗口中时,会话值将被保留而没有任何问题.
This issue occurs only when I run App_A from my local machine. When I try it in our production site, it works fine without any issues. Also, when I load App_A on the parent window, it retains session values without any issues. That is, on App_B I replaced storefrontiframe.Attributes["src"] = frameURL; with Response.Redirect(frameURL); and when App_A gets loaded on a new window, the session values are being retained without any issues.
我不确定为什么在调用RedirectToAction()后突然清除我的会话值.任何帮助将不胜感激.
I'm not sure why my session values are being cleared all of a sudden after calling RedirectToAction(). Any help would be greatly appreciated.
推荐答案
我遇到了类似的问题,并且可以通过向Web.config中的sessionState节点添加"None"作为值的"cookieSameSite"属性来解决此问题. .像这样:
I had a similar problem and was able to solve it by adding a "cookieSameSite" attribute with "None" as value to the sessionState node in the Web.config. Something like this:
<sessionState cookieSameSite="None" timeout="60" />
这篇关于在iframe中使用RedirectToAction之后,将重置ASP.NET MVC会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
