开发者

JSONP and sharing cookies from one server to another?

开发者 https://www.devze.com 2023-01-04 09:10 出处:网络
I\'m working on an intranet system (.NET 3.5); the main pages are served up from a standard ASP.NET server.I would like to use Ajax on those pages to contact a WCF service running on a different machi

I'm working on an intranet system (.NET 3.5); the main pages are served up from a standard ASP.NET server. I would like to use Ajax on those pages to contact a WCF service running on a different machine, to retrieve data, do CRUD operations - the usual Ajax stuff.

The problem I'm trying to resolve is: can I take cookies which were set by the ASP.NET server, and include them on requests to the WCF service? If so, how?

My understanding is that JSONP bypasses XSS restrictions by "wrapping" the Ajax request within a standard <script src="MyAjaxCall?SomeData=SomeValue"> tag. With that in mind, it would seem I'm at the mercy of the browser as to which cookies (if any) will be included in MyAjaxCall. Since the cookies originate 开发者_JAVA百科from the ASP.NET server, the browser likely won't include them in the call to WCF.

Since this is an intranet application, I cannot necessarily rely on domain wildcarding (*.mydomain.com) to make sure the cookies are shared across multiple machines - the client may well be accessing machines by their simple network name or even IP address directly.

edit: accepting Julian's answer, since using JS to manually grab a cookie's payload and jam it onto the URL seems like the only way to work-around the restriction (tho it feels somewhat inelegant :)


You're perfectly right in assuming you'll have problems with cookies.

The only workaround is to actually pass the values of interest into the query string of the JSONP request. Which means you'll have to inspect cookies client-side, extract the data you need from them and then append it to the url "by hand".

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号