PHP and cURL cookies

前端 未结 3 1309
小蘑菇
小蘑菇 2020-12-20 07:37

I am trying to setup a php page which uses cURL to hit a third party server to log them in. Right now my code does successfully log in to the third party server, but since c

相关标签:
3条回答
  • 2020-12-20 07:45

    The user's browser will most probably not allow you to set cookies for another domain anyway.

    You can, in your PHP code, login and fetch a session cookie for (e.g.) Hotmail. But you won't be able to pass that session on to the user (so he/she would also be logged in).

    This is because many browsers and configurations deny setting 3rd party cookies.

    0 讨论(0)
  • 2020-12-20 07:52

    Check out the documentation for the following cURL options:

    CURLOPT_COOKIE
    CURLOPT_COOKIEFILE
    CURLOPT_COOKIEJAR
    

    EDIT

    After reading your question more thoroughly, I'm afraid to tell you there is NO way to write the cookies to the client browser unless you redirect the client to the site you are attempting authorize them on. Browser cookies operate on a security model known as Same Origin Policy. This basically means that domains can only issue cookies for their OWN domains and may not issue cookies for others domains. In your particular case:

    client --CONTACTS--> foo.com --cURL-LOGIN--> bar.com
    bar.com --bar.com-COOKIE--> foo.com --foo.com-COOKIE--> client
    client --foo.com-COOKIE--> bar.com (Will not work)
    

    Basically, foo.com CAN NOT create cookies on the client for bar.com!

    0 讨论(0)
  • 2020-12-20 07:58

    You can set the cookie in the user's browser without redirecting him to the server. what you need to do is get the user to hit your php page with the curl code in it. then you can take his post data and send this data to the server. But dont let the server redirct you. Set the option as CURLOPT_FOLLOWLOCATION as false and set CURLOPT_HEADER as true Now grab the header and extract the cookie and location headers and then pass those as headers to the client browser like header("Location: ...) and header("Set-Cookie: ....). you can also send other headers by extracting them too. the following [post] html page not getting cookies through libcurl has a similar situation

    0 讨论(0)
提交回复
热议问题