如何在Safari中的iframe中设置外部网域的Cookie？ [英] How do I set cookies from outside domains inside iframes in Safari?

问题描述

从Apple 开发人员常见问题

Safari附带保守的
cookie政策，限制cookie
只写入选择的页面
（navigated to

Safari ships with a conservative cookie policy which limits cookie writes to only the pages chosen ("navigated to") by the user.

默认情况下，Safari只允许您直接导航的网站的Cookie。 （例如，如果您点击具有该域名的网址的链接）。

By default Safari only allows cookies from sites you navigate to directly. (i.e. if you click on links with the url of that domainname).

这意味着如果您从自己的网站加载了一个iFrame的页面，网站，其他网站不能设置Cookie。 （例如，售票处）。只要您直接访问了其他域，其他网站就可以访问和更改自己的Cookie。

This means that if you load a page from your own site with an iFrame with a page from another site, that the other site is not able to set cookies. (for instance, a ticketshop). As soon as you have visited the other domain directly, the other site is able to access and change its own cookies.

无法访问其他网站上的代码，我该如何使用户体验尽可能不引人注目？

Without having access to code on the other site, how can i make the user-experience as inobtrusive as possible?

是否有（javascript？）方法检查其他网站的Cookie
是否已经设置，因此，如果需要，首先显示指向其他网站的直接链接？

Is there a (javascript?) way to check if the other site's cookies are already set, and accordingly, show a direct link to the other site first, if needed?

更新：

HTML5功能window.postmessage似乎是一个不错的解决方案。

有一些jQuery库可能会帮助，并与最新的浏览器兼容。

本质上，iFrame文档通过窗口元素发送消息，Json。

The HTML5 feature 'window.postmessage' seems to be a nice solution.
There are some jQuery libraries that might help, and compatible with most recent browsers.
In essence, the iFrame document sends messages, with Json, thru the window element.

很好的 Postmessage-plugin ，由daepark，我工作。

和另一个 jQuery postMessage ，由Ben Alman发现，但还没有测试。 / p>

The very nice Postmessage-plugin, by daepark, which i got working.
and another jQuery postMessage, by Ben Alman i found, but haven't tested.

推荐答案

这是一个称为同源策略的问题。基本上，这是一个针对创建安全漏洞的安全措施。

This is an issue known as Same Origin Policy. Essentially it is a security measure against creating security loopholes.

如果您有指向自己网域上的网页的iframe，则JavaScript可以访问您所在的网页和iframe中的网页。这是一个可以接受的子级和子级到父级关系的父级。

When you have an iframe that points to a page on your own domain, JavaScript can access both the page you're on and the page within the Iframe. This is an acceptable parent to child and child to parent relationship.

 (parent doc)        (iframe doc)
    HTML --> IFRAME <-- HTML 
      ^--------|---------^

但是，一旦你有一个文件指向一个外部页面，SOP开始播放，并在父页面和iframe页面之间传递任何信息。

However, once you have a file pointing to an external page, SOP comes into play and haults any information passing between the parent page and the iframe page.

 (parent doc)        (iframe doc)
    HTML --> IFRAME <-- HTML 
               X

查看这篇关于iframe通讯的文章很有意义！
Stackoverflow post

Check out this post about iframe communication, it makes a lot of sense! Stackoverflow post

这些链接真的也有帮助！

These links really help too!

1） 在浏览器中安全跨域通信

2） wiki SOP或同源政策

祝你好运！

这篇关于如何在Safari中的iframe中设置外部网域的Cookie？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！