In web application a, a.htm has an IFRAME. IFRAME points to B. aspx of Web application B (including cookie read/write operations of Web application B, which has nothing to do with application A), that is, the advertisement Publishing Page.
Application A is deployed in http://www.123.com, application B is deployed in http://www.456.com.cn
A.htm Code As follows:
<HTML>
<Head>
<Meta http-equiv = "Content-Type" content = "text/html; charset = gb2312">
</Head>
<Body>
<Div>
<IFRAME src = "http://www.456.com.cn/aditem/ B .aspx" width = 500 heigth = 300 frameborder = 1 scrolling = NO> </iframe>
</Div>
</Body>
</Html>
-----------------------------------------------------------------------------
B. aspx does not add any code manually
---------------------------------------
B. The page_load code of Aspx. CS is as follows:
For (INT I = 0; I <this. Request. Cookies. Count; I ++ ){
If (this. Request. Cookies [I]. haskeys = true & this. Request. Cookies [I]. Name = "TCL "){
For (Int J = 0; j <this. Request. Cookies [I]. Values. Count; j ++ ){
String sname = This. Request. Cookies [I]. Name;
String sitem = This. Request. Cookies [I]. Values. allkeys [J];
String svalue = This. Request. Cookies [I]. Values [J];
This. response. Cookies [sname] [sitem] = svalue;
}
Break;
}
}
This. response. Cookies ["TCL"] ["item" + datetime. Now. tostring ("yyyymmddhhmmss")] = datetime. Now. tostring ("yyyymmddhhmmss ");
If (cadprovider. cadprovider. Domain! = NULL & cadprovider. cadprovider. Domain! = ""){
This. response. Cookies ["TCL"]. Domain = cadprovider. cadprovider. domain;
}
This. response. Cookies ["TCL"]. Path = "/aditem ";
This. response. Cookies ["TCL"]. expires = datetime. Now. addhours (1 );
-----------------------------------------------------------------------------
Cadprovider. cadprovider. domain is the domain name of the cookie read in the configuration file.
The purpose is to enable logging.
I really don't understand. cadprovider. cadprovider. domain is configured as www.456.com.cn/.456.com.cn/456.com.cn/www.123.com/123.com. neither the path setting nor the B. aspx setting can read or write cookies!
Independently call the http://www.456.com.cn/aditem/ B .aspx, Cookie read and write are normal!
------------------------------
I went to consult a senior speaker and said that this is a cross-origin cookie. Although the cookie can be written through page Jump, my application environment does not allow page Jump to write cookies.
Microsoft does. Does IFRAME write its own cookies without accessing cookies from other domains?