本地主机上的Google Plus登录Cookie政策 [英] Google Plus Sign In Cookie Policy on localhost
问题描述
我正在使用本指南将一个使用google plus登录功能的网络应用放在一起.
I'm putting together a webapp that uses google plus signin using this guide.
我正在localhost:8888
上运行网络应用.
I am running the webapp on localhost:8888
.
使用这样的javascript,一切正常:
Using javascript like this, things work fine:
gapi.signin.render(thisHandle.details.buttonId, {
'callback': mySignIn,
'clientid': myClientId,
'requestvisibleactions': 'http://schemas.google.com/AddActivity',
'scope': 'https://www.googleapis.com/auth/plus.login',
'theme': 'light',
'cookiepolicy': 'single_host_origin',
'accesstype': 'offline'
});
如果我将cookiepolicy更改为"http://localhost:8888",则会得到:
If I change my cookiepolicy to 'http:// localhost:8888' I get:
错误:invalid_request严格不在公共后缀下的权限:
localhost
:8888
Error: invalid_request Authority not strictly under a public suffix:
localhost
:8888
请求详细信息
response_type =代码令牌
id_token gsession scope = https://www.googleapis.com/auth/plus.login
redirect_uri =发布消息access_type =离线
cookie_policy = http://localhost
:8888 proxy = oauth2relay874392806
origin = http://localhost
:8888 state = 384885884 | 0.12629541
client_id = [我的客户ID]
request_visible_actions = http://schemas.google.com/AddActivity
authuser = 0
response_type=code token
id_token gsession scope=https://www.googleapis.com/auth/plus.login
redirect_uri=postmessage access_type=offline
cookie_policy=http://localhost
:8888 proxy=oauth2relay874392806
origin=http://localhost
:8888 state=384885884|0.12629541
client_id=[My client id]
request_visible_actions=http://schemas.google.com/AddActivity
authuser=0
在存储用户和会话信息方面,严格按照公共后缀表示的权限是什么意思?有没有可以让我运行我的开发服务器的解决方法?任何帮助,不胜感激.
What does Authority not strictly under a public suffix means in this context, in terms of storing user and session information? Is there a workaround that would allow me to have is running my development server? Any help much appreciated.
推荐答案
对于您的开发工作,您可以坚持使用single_host_origin
或使用none
(效率较低).当您的登录用户可能通过多种协议(http& https)或带有子域(www.example.com和support.example.com)访问您的网站时,cookie策略更为重要.在这种情况下,您可能希望使用http://example.com
For your development work, you can stick with single_host_origin
or use none
(less efficient). The cookie policy is more important when your signed in user might be visiting your site on multiple protocols (http & https) or with subdomains (www.example.com and support.example.com). In those cases, you'd likely want to use the cookiepolicy of http://example.com
这篇关于本地主机上的Google Plus登录Cookie政策的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!