问题
I am going to have code running on a site in an iframe which may or may not be cross-domain, and may be duplicated in multiple iframes. I may have code running in the top window, I may not. I want my JS to generate a unique identifier which will be the same if it is generated by my code in any iframe on that page, in multiple iframes, iframes nested in iframes, or in the top window, for the life of that load of the main page only.
It should generate the same identifier when run in any window context of that webpage loading for that user at that time. So if an iframe is removed, another one added should generate the same id.
What is the best information to use for this? It is essentially a 'session' id but needs to be generated in the browser, and be the same for any child iframe generating it. Thanks to anyone who can help!
回答1:
I'm not 100% sure if this answers your question, but my go-to way to generate a random string is partly inspired by MongoDB's way of generating unique object IDs:
var uniqueString = Date.now().getTime() + Math.random();
Unless you have hundreds of thousands of users all running this code at the exact same millisecond, you should be fairly guaranteed a random string.
EDIT
The question mentions running code in the top window. With this, there are multiple solutions that could work:
- Use the PostMessage API to send all iframes on the page the same random id
- Deploy the iframe with the random id as a query string (e.g.
http://www.example.com/mypage?id=123)
If, however, you are unable to execute code in the top window, you will have to do things server-side. Here I'm not too certain of how I'd do it, since I'm not sure what you're using on the back-end, but in Node.js you could check the req object. It will contain things like the user's IP address, their useragent string, the date of the request, etc. Concatenating the IP address, useragent string, and maybe the referring page (i.e. the page your user is viewing that loaded the iframes) should give a unique ID for all frames on a given page for a given user.
回答2:
After some reading, it appears making a browser fingerprint will be the solution. These github projects are helpful:
- https://github.com/Valve/fingerprintjs2
- https://github.com/ephoton/browser-flag
- https://github.com/rynr/fingerprint.js
I'll probably use one of those, or get some ideas for implementing my own simplified solution.
来源:https://stackoverflow.com/questions/35105893/best-way-to-uniquely-identify-a-user-in-this-case