{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 狗以群分 的问题《Including Cookies on a AJAX Request for Cross Doma》','https://www.manongdao.com/q-1142425.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am developing Analytics application and I need a way to identify each user device uniquely. For this, the approach I am following is creating a "cookie" from a server side. All page clicks and tracking will be updated to server using Ajax requests.
My problem is, I have my analytics in xyz.com. Abc.com and 123.com are the applications which installs my plugin(javascript) code. On the first visit, I am creating a cookie "sha1" to identify each user/device uniquely, on each consecutive requests, I need to check in server whether cookie "sha1" exists, on based on that should have to take necessary action. Since I am making Ajax calls to the server and since it is a cross domain request, no cookies are added to the request. I have looked at various options available to include cookies to request like setting "withCredentials=true", "crossDomain=true", but with no success.
I want the solution using Pure Javascript and would be really grateful if any one help me out. Also I am open to change my approach, if any feasible and easy to implement solution is recommended.
Here is an XMLHttpRequest() example that i have used for CORS with cookie credentials successfully in Chrome, FF 3.5+, Safari 4+, IE10+. If this does not work, it is probably something wrong with server configuration or browser compatibility.
I know that safari and IE10+ require the user to allow third party cookies in their browser preferences. I don't think there is any way around this without using custom headers in place of cookies and setting the Access-Control-Allow-Headers on the server to include the custom headers. Also I believe you need Access-Control-Allow-Headers: "Content-Type".
To go back as far as IE8/9, you would need to implement a fallback to XDomainRequest(), but those do not support cookie credentials.
The processData and contentType flags may only be necessary for POST requests. I use FormData() objects when doing POSTs, not JSON.
It can't be done in js, you need to modify the headers sent from the server:
How to add those headers, depend on which software are you using to serve pages.