我目前正在从事一个跨越多个领域的项目。我想要的是让用户能够登录一个站点并同时登录所有其他站点。
用户 session 存储在数据库中,我在每个域上设置的 cookie 包含 session ID。
所以基本上,当用户登录到 example.com 时,会使用他们的 session ID 创建一个 cookie, session 数据将存储在数据库中。完成此操作后,需要在所有其他具有此唯一 session ID 的域上创建一个 cookie,以便当用户从一个站点移动到另一个站点时,他们将自动登录。
现在我找到了一种在 Firefox 中执行此操作的方法(使用在其他域上执行 PHP 脚本的图像标签,本质上是在不同的域上创建不同的 cookie)但是这种方法在 IE 中不起作用(没有还测试了 Opera 或 Safari 等)。
有没有人知道我如何让它在 IE 中工作?
最佳答案
看看我的问题Cross Domain User Tracking .
您需要做的是为“图像”添加另一个 HTTP header 。
引自 Session variables are lost if you use FRAMESET in Internet Explorer 6 :
You can add a P3P compact policy header to your child content, and you can declare that no malicious actions are performed with the data of the user. If Internet Explorer detects a satisfactory policy, then Internet Explorer permits the cookie to be set.
A simple compact policy that fulfills this criteria follows:
P3P: CP="CAO PSA OUR"
This code sample shows that your site provides you access to your own contact information (CAO), that any analyzed data is only "pseudo-analyzed", which means that the data is connected to your online persona and not to your physical identity (PSA), and that your data is not supplied to any outside agencies for those agencies to use (OUR).
You can set this header if you use the Response.AddHeader method in an ASP page. In ASP.NET, you can use the Response.AppendHeader method. You can use the IIS Management Snap-In (inetmgr) to add to a static file.
Follow these steps to add this header to a static file:
- Click Start, click Run, and then type inetmgr.
- In the left navigation page, click the appropriate file or directory in your Web site to which you want to add the header, right-click the file, and then click Properties.
- Click the HTTP Headers tab.
- In the Custom HTTP Headers group box, click Add.
- Type P3P for the header name, and then for the compact policy string, type CP=..., where "..." is the appropriate code for your compact policy.
关于PHP多站点登录,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/387879/