0
該設置使用Backbone Model,Nginx服務器。用戶輸入他們的用戶名和密碼,然後通過信息傳遞。服務器認證並返回一個會話cookie。Chrome不支持CORS cookie
當後端和前端位於同一臺服務器上時(例如通過本地主機連接),cookie將被存儲。但是,當連接遠程時,它不會存儲在Chrome中;不過,它存儲在Safari和FireFox中。
Ajax是經由
$.ajaxSetup({
crossDomain: true,
xhrFields: {
withCredentials: true
}
});
設置的請求頭是
POST /login HTTP/1.1
Host: localhost:8102
Connection: keep-alive
Content-Length: 59
Accept: application/json, text/javascript, */*; q=0.01
Origin: http://127.0.0.1:9102
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-Type: application/json
DNT: 1
Referer: http://127.0.0.1:9102/somefolder
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.8
響應標頭是
HTTP/1.1 200 OK
access-control-allow-origin: http://127.0.0.1:9102
access-control-allow-credentials: true
vary: origin,accept-encoding
access-control-expose-headers: WWW-Authenticate,Server-Authorization
content-type: text/html; charset=utf-8
set-cookie: na-auth-token=encrypted-string; Max-Age=86400; Expires=Thu, 27 Apr 2017 13:32:44 GMT; HttpOnly; SameSite=Strict; Path=/
cache-control: no-cache
content-encoding: gzip
Date: Wed, 26 Apr 2017 13:32:44 GMT
Connection: keep-alive
Transfer-Encoding: chunked
在FireFox和Safari該cookie被存儲得很好,但在Chrome獲得響應並在沒有任何通知的情況下丟棄cookie。
更新
該Cookie實際上是被保存在本地主機域下的,但是當你導航回到頁面(例如通過window.location.reload
)餅乾消失。