问题
Strange behavior occured in an old WebForms app. I can't give you link, or big picture, I can only ask for specific detail, so maybe someone has an idea which way to explore.
App on the domain A embeds app on another domain B within iframe. (If it hosts the site on the same domain, then it's fine, the problem doesn't occur.)
domainA.com:
<iframe src="http://domainB.com/page1.aspx" />
page1.aspx writes a Session variable:
http://domainB.com/page1.aspx:
HttpContext.Current.Session["UTCOffset"] = utcOffset.ToString();
However, ASHX handler handler.ashx within that iframe can't read the Session variable value.
http://domainB.com/handler.ashx:
string utcOffset = Convert.ToString(HttpContext.Current.Session["UTCOffset"]);
utcOffset is empty string.
Have in mind, when this is not inside iframe, (e.g. request http://domainB.com/page1.aspx through browser) this works fine. It also works fine if this is all hosted on the same domain. Also it was working fine until recently, on most major browsers.
Did something change recently regarding Session policy within frames, due to CORS or something? How do I fix this?
回答1:
I solved it simply by using cookies. Tested it, it works fine.
So instead of the code in page1.aspx:
HttpCookie UTCOffset = new HttpCookie("UTCOffset");
UTCOffset.Values.Add("utcOffset", utcOffset.ToString());
UTCOffset.Expires = DateTime.Now.AddDays(1);
Response.Cookies.Add(UTCOffset);
and in handler, instead of current code:
string utcOffset = string.Empty;
HttpCookie UTCOffset = HttpContext.Current.Request.Cookies["UTCOffset"];
if (UTCOffset != null && !string.IsNullOrEmpty(UTCOffset.Values["utcOffset"]))
{
utcOffset = UTCOffset.Values["utcOffset"].ToString();
}
来源:https://stackoverflow.com/questions/62638886/remembering-session-in-iframe-with-asp-net-webforms