IE下,iframe跨域调用session消失

被调用端由于session消失,ajax请求error,需要加上<% response.addHeader("P3P", "CP=\"IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA\""); %>

其他浏览器无此问题。

以下为引用:

 

 

 

问题根源: 

IE6/IE7支持的P3P(Platform for Privacy Preferences Project (P3P) specification)协议默认阻止第三方无隐私安全声明的cookie,Firefox目前还不支持P3P安全特性,firefox中自然也不存在此问题了。

 解决办法:

在要嵌入的内容中(iframe指向的站点)输出P3P的主机头声明:
php:
    header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');

asp.net:
    HttpContext.Current.Response.AddHeader("p3p", "CP=\""IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""")

或者:Response.AddHeader("P3P","CP=CAO PSA OUR");

jsp:
    response.setHeader("P3P","CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'")

ColdFusion:
    <cfheader name="P3P" value="CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'" />

posted @ 2013-02-20 11:53  七郎  Views(749)  Comments(0Edit  收藏  举报