发表新帖
发表新帖

Why are cookies unrecognized when a link is clicked from an external source (i.e. Excel, Word, etc…)

后端 未结
关注
17 2391
爱一瞬间的悲伤
爱一瞬间的悲伤 2020-11-28 04:39

I noticed that when a link is clicked externally from the web browser, such as from Excel or Word, that my session cookie is initially unrecognized, even if the link opens u

相关标签:
17条回答
  • 时光取名叫无心
    2020-11-28 04:56

    NGINX solution below:

    if ($http_user_agent ~* Word|Excel|PowerPoint|ms-office) {
    return 200 '<html><head><meta http-equiv="refresh" content="0"/></head><body></body></html>';
}

    You can put it in the server or location block. Works like charm.

    0 讨论(0)
  • 自闭症患者
    2020-11-28 05:00

    We are seeing a problem that TWO Chrome tabs are opened when clicking an URL from MS Word, and the page to open has JavaScript redirection: window.location.href=blabla

    By debugging from the servers side, we confirmed that there are requests sent from Office app, besides Chrome. This is so wierd.

    But anyway, by checking the request header "User-Agent", and returning an empty page to Office apps, our TWO tabs issue got resolved. That's definitely the right thing to do!

    0 讨论(0)
  • 情歌与酒
    2020-11-28 05:00

    Use fix provided by microsoft given link below. https://support.microsoft.com/en-us/kb/218153

    0 讨论(0)
  • 一生所求
    2020-11-28 05:01

    1.From excel/word point to http://example.com/from_excel.php

    2.In "from_excel.php" redirect to page where you use session

    <script>document.location.href = "http://example.com/page_with_session.php"; </script>
    0 讨论(0)
  • 独厮守ぢ
    2020-11-28 05:02

    This is because MS Office is using Hlink.dll component to lookup if the link is Office document or something else. MS Office expect to open the document linked within documents without the aid of external browser (using Hlink.dll component of IE6).

    If session cookie protects website Hlink naturally is being redirected to login page and having reached HTML page and not able to "understand" it opens it in external browser. Note that it opens not original URL (expected behavior) but the result of redirect, even if it was 302 redirect.

    Microsoft has that bug in unsupported component (Hlink.dll), instead of recognizing the bug they turn it over to our head (trying to convince us that it is flaw of SSO system we use, i.e. session cookies) and refuses to upgrade it. It offers workaround that turns off the lookup functionality of MS Office:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
  Office\9.0\Common\Internet\ForceShellExecute:DWORD=1

    Or offer us to workaround serverside, to avoid HTTP redirects and change into Javascript redirects or META REFRESH redirects (i.e. to have Hlink get text/html page on original URL and make it run external browser to handle it).

    0 讨论(0)
  • 北荒
    2020-11-28 05:03

    We had this same problem and wrote an open source gem to help those using rails: https://github.com/spilliton/fix_microsoft_links

    You can use the same approach we used on any framework though:

    1. Detect if the user agent is from a Microsoft product
    2. Render a blank html page with a meta refresh tag that will cause the browser to refresh the page with the correct cookies

    Example code here: https://github.com/spilliton/fix_microsoft_links/blob/master/lib/fix_microsoft_links.rb

    0 讨论(0)
 看不清?
提交回复
热议问题