iFrame
今天搞的一个登录页面,被别的网站用iframe嵌进去后,死活无法登录(只在IE中存在这种情况)。很明显,session无法被保存。但是直接在地址栏打开那个登录页面,一切都正常啊。真是奇怪啊。
在网上搜索了一下。发现这个问题还真有不少人提及到。最后的解决方法是在那个登录页面里加上以下代码:
复制代码 代码如下:
header('P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"');
session_start();
可能这个问题跟我的登录页面是采用javascript的location跳转也有关。但没有深入测试研究。
以下是拓展阅读:
---------------------------------------------
今天在处理腾讯朋友应用的时候,测试给我发来个工单,说应用在IE7 上无法使用.出现登陆超时错误.
第一反应是session丢失了.
于是上网找了下 IE7 iframe session丢失问题.后来找到如下文章,问题解决:
=============================================
昨天,我在校内上做的时间日记终于上线了。上线第一天有80多个用户安装,但却以外收到不少用户的反馈说应用不可用。我之前都是在firefox上开发的(估计校内工作人员也是用firefox审核的),在使用IE7测试时,却发现首页之外的页面全都无法正常打开。
在网上查找了许多资料,发现在IE7中存在这样的问题:如果页面中存在着一个或多个iframe的子页面,那么在子页面中创建session可能无 法成功,这样session数据就无法和其他页面所共享。在开发校内、51应用时,假设采用iframe方式,很可能会遇到这样的问题。而且这个问题只存 在于IE7浏览器中,我在firefox, IE6和chrome等浏览器中测试均没有问题。
解决方案是:在运行session_start之前,在程序中加上如下一句(以php语言为例),大致是向浏览器声明一下安全级别,这样iframe子页面在创建session时就不会有问题了:
header('P3P: CP=”ALL ADM DEV PSAi COM OUR OTRo STP IND ONL”‘);
另外,我还了解到:如果二级域名中包含了下划线,如:your_domain.yourhost.com,在建立和传递session时也可能会出现问题。
一点感想:
1)时隔多年,浏览器兼容性问题仍然没有得到彻底解决,IE浏览器仍然是那么让开发者感到痛苦和折磨。
2)发布应用前,一定要经过严密的浏览器兼容性测试,否则就有可能损失应用的第一批用户。
==============================================
其他参考文章:
==============================================
解决iframe中jsessionid无法传递导致session丢失的问题
http://618119.com/archives/2007/12/19/48.html
在实现 ISMP2.1.1 接口的适合需要用到sso,而ISMP里定义的接口是需要在iframe等嵌入页面中调用sso接口,在实际开发中发现session无法正常传递。
重现问题的场景是:
1.先访问a站点:http://192.168.18.2/test.jsp
test.jsp的代码为:
复制代码 代码如下:
sso .jsp里读取传递的ssoinfo,反向调用ISMP认证接口,
生成session,然后放入指定的属性值,
session .setAttribute(“ssoUser”,”lizongbo”);
页面再重定向到 http://192.168.18.3/iframe.jsp
response.sendRedirect(“/iframe.jsp”);
iframe.jsp中读取session中ssoUser的属性值,会发现无法读取。
2.如果先访问了 192.168.18.3的页面,再访问192.168.18.2的页面,此时的iframe嵌入是可以传递已生成好的jsessionid Cookie.
因此解决的办法有:
a.在url中加上jsessionid.
例如重定向到 response.sendRedirect(“/iframe.jsp;jsessionid =lizongbo”);
而这种情况下,如果iframe.jsp页面内的其它连接的url没有加上jsessionid,
也无法继续传递session,不过通过在客户端的js来为每个超连接的href属性重写加上jsessionid.
b.sso.jsp里设置P3P头信息
例如 P3P: CP=”CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR”
或 P3P:CP=”CAO PSA OUR”
java代码为:
response.addHeader(“P3P”,”/”CAO PSA OUR/”");
PHP and Python: Different Paradigms ExplainedApr 18, 2025 am 12:26 AMPHP is mainly procedural programming, but also supports object-oriented programming (OOP); Python supports a variety of paradigms, including OOP, functional and procedural programming. PHP is suitable for web development, and Python is suitable for a variety of applications such as data analysis and machine learning.
PHP and Python: A Deep Dive into Their HistoryApr 18, 2025 am 12:25 AMPHP originated in 1994 and was developed by RasmusLerdorf. It was originally used to track website visitors and gradually evolved into a server-side scripting language and was widely used in web development. Python was developed by Guidovan Rossum in the late 1980s and was first released in 1991. It emphasizes code readability and simplicity, and is suitable for scientific computing, data analysis and other fields.
Choosing Between PHP and Python: A GuideApr 18, 2025 am 12:24 AMPHP is suitable for web development and rapid prototyping, and Python is suitable for data science and machine learning. 1.PHP is used for dynamic web development, with simple syntax and suitable for rapid development. 2. Python has concise syntax, is suitable for multiple fields, and has a strong library ecosystem.
PHP and Frameworks: Modernizing the LanguageApr 18, 2025 am 12:14 AMPHP remains important in the modernization process because it supports a large number of websites and applications and adapts to development needs through frameworks. 1.PHP7 improves performance and introduces new features. 2. Modern frameworks such as Laravel, Symfony and CodeIgniter simplify development and improve code quality. 3. Performance optimization and best practices further improve application efficiency.
PHP's Impact: Web Development and BeyondApr 18, 2025 am 12:10 AMPHPhassignificantlyimpactedwebdevelopmentandextendsbeyondit.1)ItpowersmajorplatformslikeWordPressandexcelsindatabaseinteractions.2)PHP'sadaptabilityallowsittoscaleforlargeapplicationsusingframeworkslikeLaravel.3)Beyondweb,PHPisusedincommand-linescrip
How does PHP type hinting work, including scalar types, return types, union types, and nullable types?Apr 17, 2025 am 12:25 AMPHP type prompts to improve code quality and readability. 1) Scalar type tips: Since PHP7.0, basic data types are allowed to be specified in function parameters, such as int, float, etc. 2) Return type prompt: Ensure the consistency of the function return value type. 3) Union type prompt: Since PHP8.0, multiple types are allowed to be specified in function parameters or return values. 4) Nullable type prompt: Allows to include null values and handle functions that may return null values.
How does PHP handle object cloning (clone keyword) and the __clone magic method?Apr 17, 2025 am 12:24 AMIn PHP, use the clone keyword to create a copy of the object and customize the cloning behavior through the \_\_clone magic method. 1. Use the clone keyword to make a shallow copy, cloning the object's properties but not the object's properties. 2. The \_\_clone method can deeply copy nested objects to avoid shallow copying problems. 3. Pay attention to avoid circular references and performance problems in cloning, and optimize cloning operations to improve efficiency.
PHP vs. Python: Use Cases and ApplicationsApr 17, 2025 am 12:23 AMPHP is suitable for web development and content management systems, and Python is suitable for data science, machine learning and automation scripts. 1.PHP performs well in building fast and scalable websites and applications and is commonly used in CMS such as WordPress. 2. Python has performed outstandingly in the fields of data science and machine learning, with rich libraries such as NumPy and TensorFlow.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Dreamweaver CS6
Visual web development tools
Atom editor mac version download
The most popular open source editor
Zend Studio 13.0.1
Powerful PHP integrated development environment
SublimeText3 Mac version
God-level code editing software (SublimeText3)
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
