播放框架 cookie cors

Question

现在我正在使用 play framework 2.3，如何在 cors 上共享 cookie（跨域） 我在 localhost:9000 端口上有播放应用程序，我想将 cookie 共享给在 localhost:5000 上运行的客户端 客户端无法获取 cookie 我在游戏框架应用程序中尝试了这个：

response().setCookie(AUTH_TOKEN, authToken); //with setting on application.conf (session.domain="http://localhost:5000") cookies sent but cannt read by javascipt /failed
response().setCookie(AUTH_TOKEN, authToken,10000,"localhost:5000","/"); //fail
response().setCookie(AUTH_TOKEN, authToken,10000,"127.0.0.1:5000","/*"); //fail
response().setCookie(AUTH_TOKEN, authToken,10000,"127.0.0.1:5000","/*"); //fail

这是对 chrome 的响应：

Remote Address:127.0.0.1:9000
Request URL:http://localhost:9000/common/login
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,id;q=0.6,ms;q=0.4
Connection:keep-alive
Content-Length:33
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Host:localhost:9000
Origin:http://localhost:5000
Referer:http://localhost:5000/index-login.html
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36
Form Dataview sourceview URL encoded
username:adilramdan
password:1234
Response Headersview source
Access-Control-Allow-Headers:X-Requested-With, Content-Type, X-AUTH-TOKEN
Access-Control-Allow-Origin:*
Content-Length:52
Content-Type:application/json; charset=utf-8
Set-Cookie:authToken=8cd7d5cc-600a-42a0-ab79-d7ff2b4f71b0; Expires=Tue, 15 Jul 2014 02:30:09 GMT; Path=/  

如何正确的方式？ 谁能帮帮我？

Answer 1

您可能需要使用 Access-Control-Allow-Credentials 标头。如果您使用的是 AJAX/JQuery，则必须设置

withCredentials = true 

在您的请求中。服务器还必须以标头响应

Access-Control-Allow-Credentials: true

请注意，如果您这样做，您必须为Access-Control-Allow-Origin 指定一个值。当Access-Control-Allow-Origin 是通配符时，浏览器将不接受Access-Control-Allow-Credentials 标头。

在此处查看资源：

https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Access-Control-Allow-Credentials

http://www.html5rocks.com/en/tutorials/cors/