I'm trying to create a PHP based application that allows students from my school to have a 开发者_Python百科cleaner presentation of their grades.
My goal is to to remotely login to their server and retrieve and format the XML. However, their login system uses cookies. Now, I'm fairly familiar with cookies, but I'm having trouble finding a way to accept a cookie and send a remote login request that also sends the cookies set by their system.
I've tried a few ways of connecting: cURL, iFrames, AJAX, but none seem to accept and log/send the cookies.
The cookies are added to a user's browser just by visiting their site without logging in. I attempted to "catch" the header information, but I believe that's "cookie sniffing."
Is this even possible, and is it even allowed by the Same Origin policy?
Thanks in advance!
I suspect you will not be able to do what you want to do. If you are saying you want to be able to get the cookies out of their browser and have them sent to your PHP application (which is on a different domain) then use those cookies to log into their application remotely so that you can then relay info from their server back tot hem through yours, then no, definitely not. Same-origin exists explicitly to avoid that kind of stuff.
Imagine if that were possible. I could then write a web application that would harvest your gmail cookies, and log into your gmail remotely to do whatever I like.
If I am misunderstanding what you are trying to do, please let me know and I will update my answer.
The browser won't send you cookies from another domain. If you controlled both servers, you could then manage something, but as you don't the closest you could come would be to ask them for their credentials and if they supplied them, you could use that.
Although why they would trust you...
精彩评论