javascript - Ajax跨域请求如何附带Cookie

Question

被请求端返回头已设置

Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:Origin, Accept-Language, Accept-Encoding,
X-Forwarded-For, Connection, Accept, User-Agent, Host, Referer,
Cookie, Content-Type, Cache-Control, *
Access-Control-Allow-Origin:根据Referer

javascript 代码如下

var x=new XMLHttpRequest();
x.open('GET','http://reiove.duoshuo.com/api/sites/listVisitors.json',1);
x.onload=function(){
    console.log(x.responseText);
};
x.send();

但这样请求过去header里并没有附带 reiove.duoshuo.com 的 Cookie

如何让发送请求时附带所请求url站点的Cookie？

Answer 1

需要本地带上x.withCredentials = true;
在远端带上Access-Control-Allow-Credentials: true（你已经带了）

见 http://www.w3.org/TR/XMLHttpRequest/#the-withcredentials-attribute