JSONP,Java Servlets和Internet Explorer
我正在使用JSONP在不同于站点的服务器上回答AJAX调用。它运行得很好,除了在IE上,我无法维护会话。
I am using JSONP to answer AJAX calls on a different server than the site is on. It works pretty well, except that on IE, I can't maintain a session.
回答请求的站点使用Java Servlets。它适用于Firefox,但我在IE浏览器中遇到问题,因为它不接受cookie。 (我可以通过更改安全设置来使其工作。)
The site answering the request uses Java Servlets. It works in Firefox, but I in IE I have problems because it doesn't accept the cookies. (I can make it work by changing the security settings.)
从那里我尝试将sessionid放入请求的URL中:
From there I tried putting the sessionid in the url of the request:
listAction:server +'/ site / gateway.jsp?current = page& next = something& jsessionid ='+ session +'& callback =?'
listAction: server+'/site/gateway.jsp?current=page&next=something&jsessionid='+session+'&callback=?'
(我写回调=?因为我正在使用jQuery,这就是你如何做Jsonp。)
(I write callback=? because I am using jQuery and that is how you can do Jsonp.)
它仍然不起作用。我写会话错了吗?它还在看我的饼干吗?我可以配置我的servlet来加载我想要加载的会话吗?
It still doesn't work. Did I write the session wrong? Is it still looking at my cookies? Can I possibly configure my servlet to load the session that I want it to load?
这实际上是你的问题得到iFrames。你需要设置一个p3p头。
This is actually the same problem that you get with iFrames. You need to set a p3p header.
request.setheader('P3P:CP =NOI ADM DEV COM NAV我们的STP');
request.setheader('P3P: CP="NOI ADM DEV COM NAV OUR STP"');
为什么IE阻止你使用带有JSONP的cookie,但是如果你只是添加一些标题就允许你?谁知道。标题代表隐私政策。我猜他们认为恶意黑客不会对他们的隐私政策不诚实。
Why does IE block you from using cookies with JSONP, but allow you if you just add some header? Who knows. The header represents a privacy policy. And I guess they don't think malicious hackers will be dishonest about their privacy policy.
如果您出售有关您用户的信息或有其他理由担心您的用户提起诉讼,您应该确保您的p3p标头准确反映了您的隐私政策,因此您我将不得不做更多的研究。
If you sell information about your users or have other reasons to worry about a lawsuit from your users, you should make sure your p3p header accurately reflects your privacy policy, so you'll have to do a bit more research.
这是同样的问题,但关于iFrames: Cookie被阻止/未保存在Internet Explorer的IFRAME中
This is the same question but about the iFrames: Cookie blocked/not saved in IFRAME in Internet Explorer