如何设置第三方cookie

本文介绍了如何设置第三方cookie的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

如何设置第三方Cookie。我有要求设置cookie和cookie将启用d在访问的网站，像我已经设置cookie在abc当我访问cde或def或ghi 所以设置cookie将被抓取所有的网站。 我如何在javascript中获取所有域的cookie。

How I can set third party cookie. I am having requirement set cookie and cookie will be enable d in visited websites, Like I have set cookie in abc when I visit cde or def or ghi so set cookie will be fetch on all the website. How I can fetch cookie on all domain in javascript.

推荐答案

的 abc，cde，def，你会有 abc.xyz，cde.xyz，def.xyz， （google for 子域名Cookie ）。 也许可以设置您的网站，并仍然满足您的要求。

It would be possible to directly share cookies if instead of abc, cde, def, you would have abc.xyz, cde.xyz, def.xyz, (google for subdomain cookies). Maybe it is possible to set your websites like that and still meet your requirements.

否则，如果所有这些网站不能在同一个域的子域，那么你可能有其中一个作为一个中央cookie服务器，当用户在其他域时，你可以使用JSONP来引导他们到你的cookie域上的一些脚本，它会发送给你自己的id或任何，并使你的脚本处理AJAX请求将其域Cookie设置为相同的值。示例：

Otherwise, if all of those websites cannot be in subdomains of the same domain, then you may have one of them act as a central cookie server and when the user is on other domains you could use JSONP to direct them to some script on your cookie domain that would send you their id or whatever and make your script that handles the AJAX request set its domain cookie to the same value. Example:

用户访问def

def上的JavaScript代码发出JSONP请求to abc

如果尚未设置Cookie，abc会设置Cookie

abc返回Cookie值作为对脚本在def上

脚本将其本地def Cookie设置为相同的值

user visits def

JavaScript code on def makes an JSONP request to abc

abc sets a cookie if it is not set yet

abc returns the cookie value as a response to the script on def

script on def sets its local def cookie to the same value

现在你的服务器可以协调他们的统计信息等。

and now your servers can coordinate their statistics etc.

所有这一切当然可能只有当所有的网站互相合作，您的网站不能混淆您不能控制的其他网站的Cookie。

All of this is of course possible only if all of the websites cooperate with each other, ie. your websites cannot mess with cookies of other websites that you don't control as well.

更新：

另请参阅Alex Sexton的打破跨域障碍演讲，了解一些灵感和代码示例。

See also Breaking The Cross Domain Barrier talk by Alex Sexton for some inspirations and code example.

UPDATE：

如果您决定使用类似的方法请确保您了解潜在的安全问题，例如的可能性跨站请求伪造攻击。 针对JSONP安全性搜索堆栈溢出，以了解有关如何确保安全的更多信息。请记住，上面的解释是一个简单的有点复杂的过程，你需要了解。您已收到警告。

If you decide to use a method similar to the one outlined above, make sure you understand the potential security issues like a possibility of a cross site request forgery attack. Search Stack Overflow for JSONP security to find more informations on how to make it safe. Keep in mind that the above explanation is a simplification of a somewhat complicated process that you need to understand. You have been warned.