发表新帖
发表新帖

Unable to access cookies set by another Domain in IE

后端 未结
关注
5 525
情深已故
情深已故 2020-12-20 21:53

I am setting the cookie from a local HTML file as below using cookie.js library 

$.cookies.set(\"Demo\",\"Dummy Data\");

From another doma

相关标签:
5条回答
  • 野性不改
    2020-12-20 22:15

    This is by design. You can only get the value of a cookie which was set on the current domain.

    What you are asking for is not possible due to the security measures built in to web browsers.

    The best alternative is to make a JSONP AJAX request which can cross domains.

    0 讨论(0)
  • 情深已故
    2020-12-20 22:21

    Unfortunately, it is returning null because cookies from another domain are not accessible. This is a security feature.

    Consider, for example, your session cookie for some website. If I could access that cookie via JS on another domain, then my malicious website (that I trick you into visiting), can then take that session information and give it to some hacker. Then it becomes much more likely that the hacker can hijack your session. All too commonly, there are not other measures in place to make sure that the session used is used by the same person, so all a blackhat needs is the ID and voila - total access as you to the website. Say you're logged into your bank on one window, and then have my hacked evil webiste open in the other... now I might be able to access your bank account. Whoops!

    So - it's not possible, and for good reason!

    0 讨论(0)
  • 傲寒
    2020-12-20 22:27

    Take a look at this thread about cross-domain cookies: Cross domain cookies

    Basically, this is a security feature. If domain.com set a cookies, domain1.com should not have any access to it, otherwise you could get authentication tokens and other stuff for any website.

    0 讨论(0)
  • 盖世英雄少女心
    2020-12-20 22:32

    Indeed, this is not possible because of SOP (Same Origin Policy).

    You can solve this problem with cross domain methods like: postMessage, JSONP, xmlHttpRequest or iframe to name a few.

    However, you have to be concerned about security issues. This podcast explain how to breack cross domain barrier. The posts below also have solutions for your problem.

    Stackoverflow Posts

    1. How do I set cookies from outside domains inside iframes in Safari?;
    2. Resizing an iframe based on content;
    0 讨论(0)
  • 栀梦
    2020-12-20 22:34

    You can not read a cookie set by another domain.

    0 讨论(0)
 看不清?
提交回复
热议问题