Home  >  Article  >  Backend Development  >  Fineuploader solves the problem of cookie loss when uploading files across subdomains

Fineuploader solves the problem of cookie loss when uploading files across subdomains

巴扎黑
巴扎黑Original
2016-11-10 09:49:501754browse

In the current project, fineuploader, a pure HTML5 upload component, is used. During the development process, the upload service is placed separately under a specific subdomain. The domain set by the login cookie is under the root domain, and user login detection is performed in the back-end code. , I found that I was always redirected 302 to the non-logged-in page. After investigation, I found that it was caused by the ajax xhr request not containing cookies. After searching around on the Internet, I wrote

Native ajax request method:

var xhr = new XMLHttpRequest(); 
xhr.open("POST", "http://xxxx.com/demo/b/index.php", true); 
xhr.withCredentials = true; //支持跨域发送cookies
xhr.send();

jquery Ajax post method request:


$.ajax({
type: "POST",
url: "http://xxx.com/api/test",
dataType: 'jsonp',
xhrFields: {
withCredentials: true
},
crossDomain: true,
success:function(){
},
error:function(){
}
})

Server-side settings:
header("Access-Control-Allow-Credentials: true");
header("Access-Control-Allow-Origin: http://www. xxx.com");

The back-end has been adjusted accordingly. Because the front-end involves fineuploader, I simply searched for the keyword withCredentials in its code, and then went to the official document to read it. There is cors configuration http: //docs.fineuploader.com/api/options.html#cors

Add the following configuration to the configuration line and it will be ok

Js code

cors: {  
                allowXdr: true,// 此参数目前不知道有啥用  
                expected: true,  
                sendCredentials: true  
            }

After modification, the problem is solved.

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn