Jac*_*Leo 11 python django cookies safari iframe
所以基于这里的信息Safari第三方cookie iframe技巧不再有效?在这里,在safari 5.1.5中错过了iframe上的cookie,很明显旧的技巧不会起作用:
from django.http import HttpResponse
from django.conf import settings
SESSION_COOKIE_NAME = getattr(settings, 'SESSION_COOKIE_NAME')
class SafariIFrameFixMiddleware(object):
"""
Middleware fixes sessions with Safari browser in iframes
Safari default security policy restricts
cookie setting in first request in iframe
Solution is to create hidden form to preserve GET variables
and REPOST it to current URL
"""
def process_request(self, request):
if request.META['HTTP_USER_AGENT'].find('Safari') != -1 \
and request.META['HTTP_USER_AGENT'].find('Chrome') == -1 \
and SESSION_COOKIE_NAME not in request.COOKIES \
and 'cookie_fix' not in request.GET:
html = """<html><body><form name='cookie_fix' method='GET' action='.'>"""
for item in request.GET:
html += "<input type='hidden' value='%s' name='%s' />" % (request.GET[item], item)
html += "<input type='hidden' name='cookie_fix' value='1' />"
html += "</form>"
html += '''<script type="text/javascript">document.cookie_fix.submit()</script></html>'''
return HttpResponse(html)
else:
return
所以我正在寻找解决问题的新方法.
它似乎需要打开窗口(用户权限/点击或它将被safari阻止)并在那里开始会话.
问题是,同一个弹出页面将运行所有中间件,因此它不一定在项目内部可行(想要尽可能少的侵入式修复).
django会话启动也是在中间件内部,我还没有找到任何干净的手动启动方式.有什么建议?
| 归档时间: |
|
| 查看次数: |
1834 次 |
| 最近记录: |