I do not see SESSION vars when calling subdomain s

2019-08-05 18:03发布

问题:

I've got a problem. I hope you'll help me to solve it.

I'm creating chat with LONG POLLING. To keep main domain ajax requests (send message) untouched (unqueued), I had to put my long-polling script to subdomain. So I've got 2 "domains"

foo.cz channel.foo.cz

I do not mind about any Same Origin Policy right now as I put

header("Access-Control-Allow-Origin: *");

at top of that script. I also do use

ini_set('session.cookie_domain', '.foo.cz');

in all scripts (sending, receiving, chatting room).

For debugging, i've got this in my channel.foo.cz/getNews.php:

print_r($_SESSION);
print_r($_COOKIE);
die();

My problem is:

  1. I do load chatting room
  2. Ajax (jquery) requests channel.foo.cz/getNews.php
  3. getNews.php returns this:

    array()array()

  4. It look that cookies and session isn't setted up. But! If I look into my FF cookie browser, I do see that domain for these cookies set in chatRoom is .foo.cz
  5. If I try to copy ajax request uri and paste it into browser url, it returns me

    array([username] => martin)array([SESSID] => some1D65a4s6d54asd)

How is that possible? Sorry for long question and thanks for all answers!

回答1:

You need to look at session_set_cookie_params function's third parameter. It sets the domain name where the cookie with SID is valid in.



回答2:

I've got it. Browser is restricting to send cookies to another subdomain So I have used iframe which is sending request to my subdomain. However, there were some problem when there were vanishing sessions. Solution? php.ini:

suhosin.session.cryptdocroot=Off

suhosin.cookie.cryptdocroot=Off