Cross-Domain Cookies

后端 未结 15 2543
抹茶落季
抹茶落季 2020-11-21 21:56

I have two webapps WebApp1 and WebApp2 in two different domains.

  1. I am setting a cookie in WebApp1 in the HttpResponse.
  2. How to read the same cookie fro
相关标签:
15条回答
  • 2020-11-21 22:49

    You cannot share cookies across domains. You can however allow all subdomains to have access. To allow all subdomains of example.com to have access, set the domain to .example.com.

    It's not possible giving otherexample.com access to example.com's cookies though.

    0 讨论(0)
  • 2020-11-21 22:49

    Read Cookie in Web Api

    var cookie = actionContext.Request.Headers.GetCookies("newhbsslv1");
    
    
                        Logger.Log("Cookie  " + cookie, LoggerLevel.Info);
                        Logger.Log("Cookie count  " + cookie.Count, LoggerLevel.Info);
    
                        if (cookie != null && cookie.Count > 0)
                        {
                            Logger.Log("Befor For  " , LoggerLevel.Info);
                            foreach (var perCookie in cookie[0].Cookies)
                            {
                                Logger.Log("perCookie  " + perCookie, LoggerLevel.Info);
    
                                if (perCookie.Name == "newhbsslv1")
                                {
                                    strToken = perCookie.Value;
                                }
                            }
                        }
    
    0 讨论(0)
  • 2020-11-21 22:57

    As other people say, you cannot share cookies, but you could do something like this:

    1. centralize all cookies in a single domain, let's say cookiemaker.com
    2. when the user makes a request to example.com you redirect him to cookiemaker.com
    3. cookiemaker.com redirects him back to example.com with the information you need

    Of course, it's not completely secure, and you have to create some kind of internal protocol between your apps to do that.

    Lastly, it would be very annoying for the user if you do something like that in every request, but not if it's just the first.

    But I think there is no other way...

    0 讨论(0)
提交回复
热议问题