
How to Obtain Cookies Across Domains: An Analysis

2025-01-19 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/02 Report--

How can cookies be obtained across domains? This article analyses the problem and the solution in detail, in the hope of helping others who want to solve it find a simple and feasible method.

Recently, I noticed a small detail while using Taobao, which prompted me to write this article.

When we log in at www.taobao.com and then switch directly to the www.tmall.com domain, the top of the www.tmall.com home page immediately displays "Hello, andyfaces". Let's analyse how this is implemented.

First of all, the user name must be stored in a cookie. Inspecting the taobao.com domain in Firefox shows that the user name is indeed stored in a cookie there, while no such cookie is stored under tmall.com:

What is certain is that cross-domain access to cookies is not allowed. This is true whether through JS or server-side programs, so how does tmall.com access the cookie under taobao.com?

So open tmall.com and debug it with Firebug, which reveals a request like this:

The JS code of its page is:

KISSY.getScript("http://www.taobao.com/go/app/tmall/login-api.php?" + Math.random());

After seeing this, I had a good idea of how it was handled. To confirm it, I looked up the KISSY.getScript function code, and it does adopt the JS cross-domain JSONP solution:

getScript: function (url, success, charset) {
    var isCSS = RE_CSS.test(url),
        node = doc.createElement(isCSS ? 'link' : 'script'),
        config = success, error, timeout, timer;

    node.src = url;
    node.async = true;

    scriptOnload(node, function () {
        if (timer) {
            timer.cancel();
            timer = undef;
        }
        S.isFunction(success) && success.call(node);

        // remove script
        // (condition garbled on the page as "Node [XSS _ clean]"; node.parentNode assumed)
        if (head && node.parentNode) {
            head.removeChild(node);
        }
    });

    head.insertBefore(node, head.firstChild);
}

The principle is to load the JS dynamically by creating a script include element, and then to bind an onload event to the script node or check onreadystatechange. For details, see the scriptOnload function used above. Once the JS has loaded, the callback executes the success function.

To verify this, test it with jQuery's $.getScript: first log in successfully under taobao.com, then write a simple test page locally, using the following statement:

$.getScript('http://www.taobao.com/go/app/tmall/login-api.php?0.6783450077710154', function () {
    console.log("the taobao.com cookie object:" + userCookie + " username:" + userCookie._nk_);
});

Firebug results:

The general principle is this: the www.taobao.com server provides a request address, a PHP script that reads all cookies under the current domain. After obtaining the cookies, the PHP script combines them into JS code, as seen in the second screenshot above. tmall then uses JSONP to load that JS code across domains, thus achieving cross-domain access to the cookie.
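The endpoint described above, sketched as an added example (not the article's or Taobao's code; the real endpoint is PHP and its source is not shown). It models the response as a pure function and puts the behaviour the test page observed beside a restricted variant; the allowlist, the field list and all function names are assumptions.

```javascript
// Added example, not Taobao's code. Request headers in, response out.
// ALLOWED_SITES, EXPOSED_FIELDS and the function names are hypothetical.
const ALLOWED_SITES = new Set(['https://www.tmall.com']); // assumed allowlist
const EXPOSED_FIELDS = ['_nk_'];                          // only the nickname cookie

// Parse a Cookie header into a name -> value map.
function parseCookies(header) {
  const out = Object.create(null);
  for (const part of (header || '').split(';')) {
    const i = part.indexOf('=');
    if (i > 0) out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// Serialize for a <script> context: JSON.stringify plus escaping of '<' and the
// line separators, so a cookie value cannot close the script or break the string.
function toScript(obj) {
  const json = JSON.stringify(obj)
    .replace(/</g, '\\u003c')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
  return 'var userCookie = ' + json + ';';
}

// Behaviour the article observed: every cookie, to whichever page includes the script.
function loginApiAsObserved(headers) {
  return { status: 200, body: toScript(parseCookies(headers.cookie)) };
}

// Restricted variant: check the including site via Referer, expose only listed fields.
function loginApiRestricted(headers) {
  let origin = null;
  try { origin = new URL(headers.referer).origin; } catch (e) { /* missing or malformed */ }
  if (!ALLOWED_SITES.has(origin)) {
    return { status: 403, body: 'var userCookie = {};' };
  }
  const all = parseCookies(headers.cookie);
  const picked = {};
  for (const name of EXPOSED_FIELDS) {
    if (name in all) picked[name] = all[name];
  }
  return { status: 200, body: toScript(picked) };
}
```

Because the server reads the Cookie header itself, an endpoint of this kind can expose cookies marked HttpOnly, which page script could not read directly. The restricted variant fails closed when the Referer header is absent or malformed.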
