本地主机上的Google Plus登录Cookie政策 [英] Google Plus Sign In Cookie Policy on localhost

问题描述

我正在使用本指南将一个使用google plus登录功能的网络应用放在一起.

I'm putting together a webapp that uses google plus signin using this guide.

我正在localhost:8888上运行网络应用.

I am running the webapp on localhost:8888.

使用这样的javascript，一切正常:

Using javascript like this, things work fine:

    gapi.signin.render(thisHandle.details.buttonId, {
        'callback': mySignIn,
        'clientid': myClientId,
        'requestvisibleactions': 'http://schemas.google.com/AddActivity',
        'scope': 'https://www.googleapis.com/auth/plus.login',
        'theme': 'light',
        'cookiepolicy': 'single_host_origin',
        'accesstype': 'offline'
    });

如果我将cookiepolicy更改为"http://localhost:8888"，则会得到:

If I change my cookiepolicy to 'http:// localhost:8888' I get:

错误:invalid_request严格不在公共后缀下的权限: localhost:8888

Error: invalid_request Authority not strictly under a public suffix: localhost:8888

请求详细信息

response_type =代码令牌 id_token gsession scope = https://www.googleapis.com/auth/plus.login redirect_uri =发布消息access_type =离线 cookie_policy = http://localhost:8888 proxy = oauth2relay874392806 origin = http://localhost:8888 state = 384885884 | 0.12629541 client_id = [我的客户ID] request_visible_actions = http://schemas.google.com/AddActivity authuser = 0

response_type=code token id_token gsession scope=https://www.googleapis.com/auth/plus.login redirect_uri=postmessage access_type=offline cookie_policy=http://localhost:8888 proxy=oauth2relay874392806 origin=http://localhost:8888 state=384885884|0.12629541 client_id=[My client id] request_visible_actions=http://schemas.google.com/AddActivity authuser=0

在存储用户和会话信息方面，严格按照公共后缀表示的权限是什么意思?有没有可以让我运行我的开发服务器的解决方法?任何帮助，不胜感激.

What does Authority not strictly under a public suffix means in this context, in terms of storing user and session information? Is there a workaround that would allow me to have is running my development server? Any help much appreciated.

推荐答案

对于您的开发工作，您可以坚持使用single_host_origin或使用none(效率较低).当您的登录用户可能通过多种协议(http& https)或带有子域(www.example.com和support.example.com)访问您的网站时，cookie策略更为重要.在这种情况下，您可能希望使用http://example.com

For your development work, you can stick with single_host_origin or use none (less efficient). The cookie policy is more important when your signed in user might be visiting your site on multiple protocols (http & https) or with subdomains (www.example.com and support.example.com). In those cases, you'd likely want to use the cookiepolicy of http://example.com

这篇关于本地主机上的Google Plus登录Cookie政策的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！