0
我在本地机器上运行2个网站。 (通过主机文件配置的名称)。CORS问题与jQuery和饼干的子域
- cf2.localhost.net(laravel)
- cf2wp.localhost.net(WordPress的)
当用户登录到WordPress他们从.localhost.net饼干,当他们加载他们在laravel网站上的页面也收到了这些cookie数据。
当我尝试做一个jQuery Ajax请求,不过Cookie不会发送
使用Chrome工具,我验证过:
- 请求http://cf2.localhost.net/home发送WordPress的饼干到服务器
的CORS预检返回OK与
Access-Control-Allow-Credentials:true Access-Control-Allow-Headers:Authorization, Content-Type Access-Control-Allow-Methods:OPTIONS, GET, POST, PUT, PATCH, DELETE Access-Control-Allow-Origin:http://cf2.localhost.net Access-Control-Expose-Headers:X-WP-Total, X-WP-TotalPages Connection:Keep-Alive Content-Length:5166 Content-Type:application/json; charset=UTF-8 Date:Thu, 25 May 2017 06:30:36 GMT Keep-Alive:timeout=5, max=100 Link:<http://cf2wp.localhost.net/wp-json/>; rel="https://api.w.org/" Server:Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/7.1.1 Vary:Origin X-Content-Type-Options:nosniff X-Powered-By:PHP/7.1.1 X-Robots-Tag:noindex
但是接下来发出的请求没有设置wordpress cookie。它只有从cf2.localhost.net
Accept:application/json, text/javascript, */*; q=0.01 Accept-Encoding:gzip, deflate, br Accept-Language:en-GB,en-US;q=0.8,en;q=0.6 Connection:keep-alive Content-Length:27 Content-Type:application/json; charset=UTF-8 Cookie:jenkins-timestamper-offset=-28800000; olfsk=olfsk19949676680174977; hblid=HFZEjdNeyuKRupkV3m39N0H8REA26ar9; _ga=GA1.1.1566562504.1495496019; io=qjc8cwjKxij4G9ggAAAA Host:localhost Origin:http://cf2.localhost.net Referer:http://cf2.localhost.net/home User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
任何想法是怎么回事加密laravel的呢?
您在Cookie上指定了哪个域名?您需要设置“domain = localhost.net”,以使其在两个子域 –
@RoryMcCrossan - .localhost.net上可用。当我们请求页面时,这个cookie确实发送到laravel服务器。只是当我做阿贾克斯调用 – FloatingKiwi