CentOS的系统(Linux 内核)

编辑HOST

vi /etc/hosts

加入
127.0.0.1 www.a.com
127.0.0.1 www.b.com

首先:创建 a_setcookie.php 文件,内容如下:

<?php
//header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
setcookie("test", $_GET['id'], time()+3600, "/", ".a.com");
?>

然后:创建 a_getcookie.php 文件,内容如下:

<?php
var_dump($_COOKIE);
?>

最后:创建 b_setcookie.php 文件,内容如下:

<script src="http://www.a.com/a_setcookie.php?id=www.b.com"></script>

----------------------------

三个文件创建完毕后,我们通过浏览器依次访问:

http://www.b.com/b_setcookie.php
http://www.a.com/a_getcookie.php

我们会发现,在访问b.com域的时候,我们并没有在a.com域设置上cookie值。

然后我们修改一下a_setcookie.php文件,去掉注释符号,a_setcookie.php即为:

<?php
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

setcookie("test", $_GET['id'], time()+3600, "/", ".a.com");
?>

再次通过浏览器依次访问:

http://www.b.com/b_setcookie.php
http://www.a.com/a_getcookie.php

这次,你会发现在访问b.com域的时候,我们设置了a.com域的cookie值。

末了补充一句,似乎只有IE对跨域访问COOKIE限制比较严格,上述代码在FIREFOX下测试,即使不发送P3P头信息,也能成功。

==========================================

通过Fiddler可以方便的知道上面P3P代码的含义

P3P Header is present:
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Compact Policy token is present. A trailing 'o' means opt-out, a trailing 'i' means opt-in.

CURa
Information is used to complete the activity for which it was provided.

ADMa
Information may be used for the technical support of the Web site and its computer system.

DEVa
Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market.

PSAo
Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals.

PSDo
Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals to make a decision that directly affects that individual, but it will not be used to attempt to identify specific individuals.

OUR
We share information with ourselves and/or entities acting as our agents or entities for whom we are acting as an agent.

BUS
Info is retained under a service provider's stated business practices. Sites MUST have a retention policy that establishes a destruction time table. The retention policy MUST be included in or linked from the site's human-readable privacy policy.

UNI
Non-financial identifiers, excluding government-issued identifiers, issued for purposes of consistently identifying or recognizing the individual. These include identifiers issued by a Web site or service.

PUR
Information actively generated by the purchase of a product or service, including information about the method of payment.

INT
Data actively generated from or reflecting explicit interactions with a service provider through its site -- such as queries to a search engine, or logs of account activity.

DEM
Data about an individual's characteristics -- such as gender, age, and income.

STA
Mechanisms for maintaining a stateful session with a user or automatically recognizing users who have visited a particular site or accessed particular content previously -- such as HTTP cookies.

PRE
Data about an individual's likes and dislikes -- such as favorite color or musical tastes.

COM
Information about the computer system that the individual is using to access the network -- such as the IP number, domain name, browser type or operating system.

NAV
Data passively generated by browsing the Web site -- such as which pages are visited, and how long users stay on each page.

OTC
Other types of data not captured by the above definitions.

NOI
Web Site does not collected identified data.

DSP
The privacy policy contains DISPUTES elements.

COR
Errors or wrongful actions arising in connection with the privacy policy will be remedied by the service.

Validate at: http://www.w3.org/P3P/validator.html
Learn more at: http://www.fiddlertool.com/redir/?id=p3pinfo

参考文档:http://www.w3.org/P3P/

PHP 通过设置P3P头来实现跨域访问COOKIE的更多相关文章

  1. 通过设置P3P头来实现跨域访问COOKIE

    通过设置P3P头来实现跨域访问COOKIE 实际工作中,类似这样的要求很多,比如说,我们有两个域名,我们想实现在一个域名登录后,能自动完成另一个域名的登录,也就是PASSPORT的功能. 我只写一个大 ...

  2. CP=&quot;CAO PSA OUR&quot; 用P3P header解决iframe跨域访问cookie

    1.IE浏览器iframe跨域丢失Session问题 在开发中,我们经常会遇到使用Frame来工作,而且有时是为了跟其他网站集成,应用到多域的情况下,而Iframe是不能保存Session的因此,网上 ...

  3. 在IE浏览器中iframe跨域访问cookie/session丢失的解决办法

    单点登录需要在需要进入的子系统B中添加一个类,用于接收A系统传过来的参数: @Action(value = "outerLogin", results = { @Result(na ...

  4. java 设置允许ajax XMLHttpRequest 请求跨域访问

    怎样才能算跨域?协议,域名,端口都必须相同,才算在同一个域. 方案1: 使用XMLHttpRequest...  异步请求不能跨域访问,除非要访问的网页响应头信息设置为允许跨域访问. 将网页设置为允许 ...

  5. 使用JSONP彻底解决Ajax跨域访问Cookie Session的方案

    最近做开发时要把图片文件放到另外一台服务器上(另外一个域名),因为这样分布式存放,网站打开速度会快很多.而我采用AJAX获取图片服务器上某用户的图片时遇到了问题,按照通常的方式无法获取信息,得到的Co ...

  6. 利用javascript跨域访问cookie之广告推广

    在上一篇<说一说javascript跨域和jsonp>中,利用JSONP进行了跨域的数据访问,利用JS本身的跨域能力在远端生成HTML结构的方式完成了一个小广告. 在实际应用中, 跨域使用 ...

  7. Ajax实现跨域访问的两种方法

    调程序时遇到"已拦截跨源请求:同源策略禁止读取位于--的远程资源",这是因为通过ajax调用其他域的接口会有跨域问题. 解决方法如下: 方法一:服务器端(PHP)设置header头 ...

  8. 阿里云OSS设置跨域访问

    OSS 提供 HTML5 协议中的跨域资源共享 CORS 设置,帮助您实现跨域访问.当 OSS 收到一个跨域请求(或者 OPTIONS 请求)时,会读取存储空间对应的 CORS 规则,然后进行相应的权 ...

  9. 阿里云OSS设置跨域访问 H5的时候

    OSS 提供 HTML5 协议中的跨域资源共享 CORS 设置,帮助您实现跨域访问.当 OSS 收到一个跨域请求(或者 OPTIONS 请求)时,会读取存储空间对应的 CORS 规则,然后进行相应的权 ...

随机推荐

  1. 在Linux(Ubuntu)下搭建ASP.NET Core环境并运行 继续跨平台

    最新教程:http://www.cnblogs.com/linezero/p/aspnetcoreubuntu.html 无需安装mono,在Linux(Ubuntu)下搭建ASP.NET Core环 ...

  2. HDU 2433 Travel (最短路,BFS,变形)

    题意: 给出一个图的所有边,每次从图中删除一条边,求任意点对的路径总和(求完了就将边给补回去).(有重边) 思路: #include <bits/stdc++.h> using names ...

  3. linux 常用命令 集锦

    第一章  LINUX简介及安装    1一.LINUX介绍    1二.LINUX安装    2三.LINUX目录    2四.总结来说:    3第二章 常用命令及帐户管理    4一.linux命 ...

  4. 相遇Qt5

    使用Qt5.x版本中的不同方面来开发应用程序,着重于新的Qt Quick的技术,提供了编写C++后端的必要内容,并扩展了Qt Quick.     本章提供了关于Qt5高层次的概述.它对开发者有效的展 ...

  5. Android开发中小知识

    1. Eclipse中代码对齐的快捷键:Ctrl+Shift+F 2.API打开显示“已取消到该网页的导航”——解决办法:右键文件属性,点击解除锁定即可

  6. [Robot Framework] 通过SikuliLibrary可以获取到图片,但是点击失效

    执行时,可以看到鼠标已经移动到图片上了,但是点击失效,日志也没有报错 后来发现是windows权限的问题. 通过打开Control Panel->System and Security-> ...

  7. padding(内边框), border(边框), margin, 标准文档流, 块级元素和行内元素, 浮动 ,margin的用法

    盒模型 在CSS中,"box model"这一术语是用来设计和布局时使用,然后在网页中基本上都会显示一些方方正正的盒子.我们称为这种盒子叫盒模型. 盒模型有两种:标准模型和IE模型 ...

  8. sqlserver 同义名的使用

    USE [ccflow5]GOdrop synonym ccusergo/****** Object:  Synonym [dbo].[ccuser]    Script Date: 11/12/20 ...

  9. ifdown eth0或service network restart

    错误提示信息如下: Shutting down interface eth0:  Error: Device 'eth0' (/org/freedesktop/NetworkManager/Devic ...

  10. python学习笔记(自定义库文件路径)

    博主最近在弄接口自动化.主要是基于python自带的unittest框架.包括 Pubilc模块定义所有接口. Main模块根据业务需求重新封装接口便于测试. config文件导入测试业务的固定参数. ...