JavaScript establece una cookie a través de iFrame a través de CORS a través de PHP Permitir encabezado

So I thought this would be possible, but apparently not, so far at least:

I've got domainX trying to send a secure cookie to domainY.com/page.php. So, on domainX, I init a iframe to domainY.com/page.php with the following headers:

<?php
    $url = parse_url($_SERVER["HTTP_REFERER"]);
    $link = $url["scheme"]."://". $url["host"];

    header('P3P:CP="We do not have a P3P Policy"');
    header("Access-Control-Allow-Headers: *"); 
    header("Access-Control-Allow-Origin: " . $link);
    header("Access-Control-Allow-Credentials: true");
    header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
?>

Assuming the headers were correct.. I thought the cookie set would work i.e:

document.cookie = X + "=" + Y + expires + "; path=/; domain=.domainY.com; secure";

It does not, nor do I get any errors. I alreaydy know my final option is postMensaje, but is there any other way around this that anyone is aware of?

preguntado el 22 de septiembre de 13 a las 21:09

first, you can set a cookie on DomainY usin PHP, no need to js for that. Second, you can't read DomainY's cookies from DomainX. You never will. -

@amenadiel I'd rather do via postMessage then PHP. I'm trying to keep this as much front-end as I can. -

1 Respuestas

Resolví este problema por:

Domain A stores cookie into browser, than domain A posts the data into domain B. B catches the data and overwrites B's local cookie.

Respondido 03 Oct 13, 22:10

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.