Chrome浏览器未在子域之间共享Cookie [英] Chrome not sharing the cookie between the subdomains

问题描述

当我在Cookie中使用值 domain:.example.com" 时，我希望它支持 xyz.example.com，abc.example.com 子域strong>等

When I use the value domain:".example.com" in my cookie, I expect it to support the subdomains xyz.example.com, abc.example.com etc

这在mozilla firefox上可以正常使用，但在谷歌浏览器上似乎不起作用！在chrome上，它会为 xyz.example.com 创建一个新的cookie，无法达到目的.

This works fine on mozilla firefox but does not seem to work on google chrome! On chrome it creates a new cookie for xyz.example.com which fails to serve the purpose.

这是一个已知问题吗?任何帮助将不胜感激！

Is this a known issue? Any help would be appreciated!

谢谢.

推荐答案

我知道这有些牵强，但并非所有域都可以为其设置cookie. https://publicsuffix.org/list/public_suffix_list.dat 列表受到Chrome，Firefox的认可和Safari提及最受欢迎的浏览器.

I know this is bit of a far fetch, but not all domains can have cookies set to them. https://publicsuffix.org/list/public_suffix_list.dat list is honored by Chrome, Firefox and Safari to mention the most popular browsers.

假设上述 example.com 为 s3-website-us-east-1.amazonaws.com ，可以观察到非常奇怪的事情.Set-Cookie标头将出现在响应数据中，但浏览器不会在网络流量检查器中显示它，也不会产生任何影响.由于数据在那里，因此可以通过例如来观察.卷曲.

Assuming the above example.com would be s3-website-us-east-1.amazonaws.com very weird thing could be observed. The Set-Cookie header would be present in the response data, but browser's wouldn't display it in the network traffic inspector nor it would have any effect. Because the data is there, it can be observed via eg. curl.

参考 RFC6265

这篇关于Chrome浏览器未在子域之间共享Cookie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！