HTML5 CORS请求在重定向后的safari中失败 [英] HTML5 CORS request fails in safari after redirect
问题描述
我使用jQuery制作了一个CORS请求,以完成一个SSO类型的系统。
I am crafting a CORS request with jQuery to accomplish a SSO type system. User logs into wordpress and with a hook at the same time also logs into Moodle.
我遇到的问题是在Safari中(只有safari〜7 +)当初始POST请求设置为moodlesite.com/login/index.php时,有一个重定向到:moodlesite.com/login/index.php?testsession=user_id。
The problem I'm having is that in Safari (and only safari ~7+) when the inital POST request is set to moodlesite.com/login/index.php there is a redirect to: moodlesite.com/login/index.php?testsession=user_id.
当此重定向发生时,Safari会删除适用的CORS标头,然后重定向网址的请求就会失败。
When this redirect occurs Safari drops the applicable CORS headers and then the request to the redirected URL fails.
推荐答案
问题只是为了回答它,因为它花了我很长时间找到这个safari bug的解决方法。希望这有助于某人。
I posted this question just to answer it because it took me a long time to find a workaround to this safari bug. Hopefully this helps someone.
我最后做的是创建另一个ajax请求,在实际请求moodle之前运行。这个请求使用wordpress的AJAX功能来做一个CURL来moodle服务器端。这允许我获得重定向的URL(其中包括用户的moodle id)。
What i ended up doing is creating another ajax request that runs before the actual request to moodle. This request uses wordpress' AJAX functionality to make a CURL to moodle serverside. This allows me to get the redirected URL (which includes the user's moodle id). Then after that request is complete i make the real request to the moodle server.
示例代码:
// redirect follower ajax request to figure out what the final moodle login url is
// this is necessary becuase SAFARI 7.03 looses CORS headers on ajax requests
add_action( 'wp_ajax_lms_redirect_follower', 'lms_redirect_follower' );
add_action( 'wp_ajax_nopriv_lms_redirect_follower', 'lms_redirect_follower' );
function lms_redirect_follower(){
$url = 'http://'.get_field('moodle_url', 'options').'/login/index.php';
$username = $_POST['username'];
$password = $_POST['password'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,"username=".$username."&password=".$password);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$server_output = curl_exec ($ch);
$url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
echo $url;
die();
}
function moodle_sso ()
{ ?>
<script src="//code.jquery.com/jquery-1.11.0.min.js"></script>
<script>
function crossDomainPost(user, pass) {
// first get the redirect url
var moodle_login_url = 'http://<?php the_field('moodle_url', 'options'); ?>/login/index.php';
var data = {
'action': 'lms_redirect_follower',
'username': user,
'password':pass
};
$.post("<?php echo admin_url( 'admin-ajax.php' ); ?>", data, function(response) {
moodle_login_url = response;
$.ajax({
type: 'POST',
url: moodle_login_url,
cache: false,
xhrFields: {
withCredentials: true
},
crossDomain: true,
data: {"username":user, "password":pass},
success: function(responseData, textStatus, jqXHR) {
$('#loginform').submit();
},
error: function (responseData, textStatus, errorThrown) {
// console.log(errorThrown);
// console.log(responseData);
},
complete: function(responseData, textStatus, errorThrown){
// console.log(errorThrown);
// console.log(responseData);
}
});
});
}
$(document).ready(function(){
$('#wp-submit').click(function(ev){
ev.preventDefault();
return crossDomainPost($('#user_login').val(), $('#user_pass').val());
})
})
</script>
<?php
}
add_action('login_footer', 'moodle_sso');
这篇关于HTML5 CORS请求在重定向后的safari中失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!