我可以添加一个P3P响应头XMLHtt prequest？ [英] Can I add a P3P Response Header to XMLHttpRequest?

问题描述

我现在用的是AjaxFileUpload插件在我的code，但IE8和IE10不发送的Cookie在论坛发帖AjaxFileUploadHandler.axd请求头。我看到眼睛图标，在IE8的底部，看到AjaxFileUploadHandler.axd是blobked，所以这不发送的cookie是故意的。下面我有我自己的web.config中的标签，但问题是脚本AjaxFileUpload在DLL中拉出，因此即使有这样的AjaxFileUploadHandler仍是封杀。我下载的源$ C ​​$ C到AjaxControlToolkit中，它创建DLL项目，现在我想找到我在哪里可以添加P3P头，这样即可以快乐。我看到XMLHtt prequest（）该工具包中的code，有没有什么办法来此P3P头添加到它满足即？

编辑：解决方法是注释掉iframe.security =限制;我更新了code以下。

 ＆LT; httpProtocol＆GT;
  ＆LT; customHeaders＆GT;
    ＆LT;添加名称=P3P值='CP =土豆/＆GT;
  ＆LT; / customHeaders＆GT;
＆LT; / httpProtocol＆GT;
 

在特定的这个问题是该工具包使用的iframe。有没有什么办法可以只添加P3P到的iFrame？

  this.createIFrame =功能（）{

    VAR名称= this._iframeName，
        IFRAME = document.createElement方法（IFRAME）;

    iframe.width =0;
    iframe.height =0;
    iframe.style.display =无;
    iframe.src =有关：空白;
    //iframe.src = "javascript:'<script>window.onload=function(){document.write(\\'<script>document.domain=\\\"" + document.domain的+\\\;＆所述; \\\\ /脚本＆GT; \\'）; document.close（）;};＆所述; \ /脚本＆GT;';
    iframe.id =名称;
    iframe.name =名称;
    //iframe.security =限制;
    document.body.appendChild（IFRAME）;
    iframe.contentWindow.name =名称;
    $ addHandlers（iframe中，{
        负载：Function.createDelegate（这一点，this.onIFrameLoadedHandler）
    }）;

    this._iframe = IFRAME;
};

this.onIFrameLoadedHandler =功能（E）{
    ///＆LT;总结＆gt;
    ///事件处理程序来捕获时的iframe接收来自服务器的响应。
    ///＆LT; /总结＆gt;
    ///＆LT; PARAM NAME =E＆GT;＆LT; /参数＆GT;

    如果（！control._currentFileId）
        返回;

    尝试 {

        VAR IFRAME = this._iframe，DOC = NULL;

        //只有测试iframe的数据，异常应抛出，如果出事了。
        如果（iframe.contentDocument）
            //火狐，歌剧
            DOC = iframe.contentDocument;
        否则，如果（iframe.contentWindow）
            // IE浏览器
            DOC = iframe.contentWindow.document;
        否则，如果（iframe.document）
            // 其他？
            DOC = iframe.document;

        如果（文件== NULL）
            扔文件未初始化;

        //敲定并上传下一个文件
        control.doneAndUploadNextFile（control.getCurrentFileItem（））;

    }赶上（五）{

        //对消/中止上传可以导致访问被拒绝或IE 9波纹管权限不足，
        //让我们来看看这个异常是不是真实地从服务器错误异常。
        ！如果（control._canceled ||（e.message＆安培;及（e.message.indexOf（访问被拒绝）＆GT; -1 || e.message.indexOf（权限被拒绝）＆GT;！ - 1）））{
            this.raiseUploadError（E）;
            扔ê;
        }
    }
};
 

解决方案

对此问题进行修复是删除一个小行：

  iframe.security =限制;
 

保持这条线在那里做治疗，即在iframe安全作为用户的限制列表中的网站在同一水平。

I am using the AjaxFileUpload plugin in my code, but ie8 and ie10 are not sending the Cookie in the request header on the POST to AjaxFileUploadHandler.axd. I see the "eye" icon at the bottom of ie8 and see that AjaxFileUploadHandler.axd is "blobked", so this not sending of the cookie is on purpose. I have the tag below in my own web.config, but the issue is the scripts for AjaxFileUpload are pulled in from a dll, and so even with this AjaxFileUploadHandler is still "blocked". I downloaded the source code to the AjaxControlToolkit, which creates the dll for the project, and now I am trying to find where I can add the P3P header so that ie can be happy. I see XMLHttpRequest() in the code of the toolkit, is there any way to add this P3P header to it to satisfy ie?

EDIT: The fix is to comment out iframe.security = "restricted"; I updated the code below.

<httpProtocol>
  <customHeaders>
    <add name="P3P" value='CP="Potato"'/>
  </customHeaders>
</httpProtocol>

In particular this issue is with the iframe that the toolkit uses. Is there any way to just add P3P to the iFrame?

    this.createIFrame = function() {

    var name = this._iframeName,
        iframe = document.createElement("IFRAME");

    iframe.width = "0";
    iframe.height = "0";
    iframe.style.display = "none";
    iframe.src = "about:blank";
    //iframe.src = "javascript:'<script>window.onload=function(){document.write(\\'<script>document.domain=\\\"" + document.domain + "\\\";<\\\\/script>\\');document.close();};<\/script>'";
    iframe.id = name;
    iframe.name = name;
    //iframe.security = "restricted";
    document.body.appendChild(iframe);
    iframe.contentWindow.name = name;
    $addHandlers(iframe, {
        load: Function.createDelegate(this, this.onIFrameLoadedHandler)
    });

    this._iframe = iframe;
};

this.onIFrameLoadedHandler = function (e) {
    /// <summary>
    /// Event handler to capture when iframe receive response from server.
    /// </summary>
    /// <param name="e"></param>

    if (!control._currentFileId)
        return;

    try {

        var iframe = this._iframe, doc = null;

        // Only test the iframe data, exception should thrown if something went wrong.
        if (iframe.contentDocument)
            // Firefox, Opera
            doc = iframe.contentDocument;
        else if (iframe.contentWindow)
            // Internet Explorer
            doc = iframe.contentWindow.document;
        else if (iframe.document)
            // Others?
            doc = iframe.document;

        if (doc == null)
            throw "Document not initialized";

        // finalizing and upload next file
        control.doneAndUploadNextFile(control.getCurrentFileItem());

    } catch (e) {

        // Cancelation / aborting upload can causing 'Access is denied' or 'Permission denied' on IE 9 bellow,
        // let's consider this exception is not trully error exception from server.
        if (!control._canceled || !(e.message && (e.message.indexOf("Access is denied") > -1 || e.message.indexOf("Permission denied") > -1))) {
            this.raiseUploadError(e);
            throw e;
        }
    } 
};

解决方案

The fix for this was to remove one little line:

iframe.security = "restricted";

Keeping that line in there makes ie treat the iframe with the same level of security as a site in the user's "Restricted" list.

这篇关于我可以添加一个P3P响应头XMLHtt prequest？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！