为什么 jQuery 的 .ajax() 方法不发送我的会话 cookie? [英] Why is jQuery's .ajax() method not sending my session cookie?

问题描述

通过 $.ajax() 登录到一个站点后，我试图向该站点发送第二个 $.ajax() 请求 - 但是当我检查使用 FireBug 发送的标头，请求中没有包含会话 cookie.

After logging in via $.ajax() to a site, I am trying to send a second $.ajax() request to that site - but when I check the headers sent using FireBug, there is no session cookie being included in the request.

我做错了什么?

推荐答案

AJAX 调用仅在您调用的 url 与调用脚本位于同一域时才发送 Cookie.

AJAX calls only send Cookies if the url you're calling is on the same domain as your calling script.

这可能是跨域问题.

也许您在调用脚本位于 www.domain-b.com 时尝试从 www.domain-a.com 调用 url(换句话说:您进行了跨域调用，在这种情况下，浏览器不会发送任何 cookie 来保护您的隐私).

Maybe you tried to call a url from www.domain-a.com while your calling script was on www.domain-b.com (In other words: You made a Cross Domain Call in which case the browser won't sent any cookies to protect your privacy).

在这种情况下，您的选择是:

In this case your options are:

• 编写一个驻留在域 b 上的小代理，并将您的请求转发到域 a.您的浏览器将允许您调用代理，因为它与调用脚本在同一台服务器上.
  然后您可以配置此代理以接受它可以发送到域 a 的 cookie 名称和值参数.但要使其正常工作，您需要知道 cookie 的名称和域上的服务器的值 - a 需要进行身份验证.
• 如果您要获取 JSON 对象，请尝试改用 JSONP 请求.jQuery 支持这些.但是您需要更改域 a 上的服务，以便它返回有效的 JSONP 响应.

• Write a small proxy which resides on domain-b and forwards your requests to domain-a. Your browser will allow you to call the proxy because it's on the same server as the calling script.
  This proxy then can be configured by you to accept a cookie name and value parameter which it can send to domain-a. But for this to work you need to know the cookie's name and value your server on domain-a wants for authentication.
• If you're fetching JSON objects try to use a JSONP request instead. jQuery supports these. But you need to alter your service on domain-a so that it returns valid JSONP responds.

很高兴这能帮上一点忙.

Glad if that helped even a little bit.

这篇关于为什么 jQuery 的 .ajax() 方法不发送我的会话 cookie?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！