为正在302重定向到的其他域设置Cookie [英] Setting a cookie for another domain being 302-redirected to
问题描述
(这个问题更像是一个现实检查比任何其他 - 我很确定这是可能的,但想确定。)
编写接收HTTP请求的代理服务器,将它们传递到远程服务器,并返回远程服务器的响应。
我遇到了一个问题,远程服务器响应是设置cookie的302重定向。例如:
server:nginx / 0.7.65
日期:Wed,26 Jan 2011 04:42: 18 GMT
connection:keep-alive
set-cookie:JSESSIONID = FFFFFFFUUUUUUUUUU; Domain = .50.16.34.61; Path = /
location:http://50.16.34.61/client/whatever.html
content-length:0
当客户端遵循重定向到50.16.34.61(与代理服务器不同的域)时,我注意到尚未设置cookie。
我试图在set-cookie指令的Domain部分做一些疯狂的事吗?
编辑 / p>
基本上,我做错了,根据 http://www.ietf.org/rfc/rfc2109.txt 请求 - 主机确实需要是set-cookie指令中的域的超集。
/ sad-trombone
Domain =如果浏览器要求的Host:标头是使用的值的超集。
在你的情况下,似乎你的代理服务器假装是另一个服务器,因此,拦截这些Location:和Set-Cookie:标题行以及其他许多事情可能有意义,并替换相关位以保持指向您的服务器。
(This question is more of a reality check than anything else - I'm pretty sure this is possible, but want to be sure.)
I’m writing a proxy server that receives HTTP requests, passes them on to a remote server, and returns the remote server’s response.
I’ve run into a problem where one of the remote server responses is a 302 redirect that sets a cookie. Here’s an example:
server: nginx/0.7.65
date: Wed, 26 Jan 2011 04:42:18 GMT
connection: keep-alive
set-cookie: JSESSIONID=FFFFFFFUUUUUUUUUUU; Domain=.50.16.34.61; Path=/
location: http://50.16.34.61/client/whatever.html
content-length: "0"
When the client follows that redirect to 50.16.34.61 (a different domain than the proxy server) I notice that the cookies haven’t been set.
Am I trying to do something crazy here with the Domain part of the set-cookie directive?
Edit
Basically, I’m doing it wrong and according to http://www.ietf.org/rfc/rfc2109.txt the request-host really needs to be a superset of the Domain in the set-cookie directive.
/sad-trombone
The Domain= cookie stuff will only work if the Host: header that the browser asked for is a superset of the value used.
In your case, it seems like your proxy server is pretending to be another server, so it might make sense to intercept those Location: and Set-Cookie: header lines, among many other things, and replace the relevant bits to keep pointing at your server.
这篇关于为正在302重定向到的其他域设置Cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!