Personal confidence page through the IFrame nested third party page, domain name is different, call the third party interface, in Chrome test normal, in Internet Explorer is embedded in the page Session invalidation. (Session is based on cookie implementation, reference page is not allowed to use cookie)
Problem analysis:
The IE-supported P3P(Platform for Privacy Preferences Project (P3P) Specification) protocol by default prevents third party cookies without Privacy security claims, and Firefox does not currently support P3P security features, nor does it naturally exist in Firefox.
Solutions:
1. Modify the setting of the Client
so that the Client can accept cookies from any website (specifically set in the privacy page of IE option to add B site to the trusted site)
or set both domains to the trusted site2. The domain of the application modifies the
simple scheme: two applications use the same domain
Complex solution: you can force changes tothrough setdomain in pages loaded by the iframe. 3. P3P
first: output the host header declaration of P3P in the content to be embedded (the site the iframe points to) as follows:
Open IIS Manager InetMgr to be embedded in the iFrame source site or directory, right-click to open the Properties box and toggle to HTTP headers Add custom HTTP headers P3P Custom HTTP headers CP=”CAO PSA OUR” Close the properties box and exit, effective immediately
Response.addheader (“P3P”,”CP=CAO PSA OUR”);
Transfer: https://www.cnblogs.com/weibozeng/archive/2013/11/06/3410904.html
Read More:
- Solution to cross domain sharing problem of session
- Ajax error reporting cross domain, AJAX cross domain access error 501 solution
- [Solved] Incompatibile SockJS! Main site uses: “1.5.0”, the iframe: “1.0.0”. at s (VM6 sockjs.min.js:2) version issue
- How to solve the cross domain problem of Axios in Vue project
- Chrome setting — Disable web security to solve cross domain problems
- Solved: No’Access-Control-Allow-Origin’ cross-domain issue
- Springboot plus cross domain annotation @crossorigin startup error
- MySQL: if the remote connection using navicatip fails, prompt “is not allowed to connect to this MySQL server”
- Hzero – if the local swagger fails to register, the connection timeout or gateway error will be displayed
- session_ start(): open(SESSION_ FILE, O_ Rdwr)) failed: processing of permission denied (13)
- IOS WebView failed to load the web page. Error domain = kcferrodomaincfnetwork code = 310 “there was a problem communicating with the secure web proxy server (HTTPS). “
- Domain error in object XXX “other” domain “other” rejected values and atm913
- JS error: permission denied to access property ‘document’— document.domain -The same source strategy of JavaScript
- failed to lazily initialize a collection of role: ……, no session or session was closed
- HTML method IE8 reports an error, IE8 jQuery Ajax obtains static resources reports an error, typeerror denies access
- After SAP Spartacus successfully logs in, does the request base site need access token
- Android’s viewpager slides to determine whether the current stop page is the last page
- Latex sets page margin, page size, page margin and geometry macro package
- What are the web front end technologies? What are the differences between cookie and session
- SSH suddenly fails to log in, and an error is reported: failed to start openssh daemon