This paper mainly introduces the knowledge of the data transfer of the cookies in the cross-domain data interaction between ASP and Ajax Webapi. Has a good reference value. Let's take a look at the little series.
Objective
Recently, the company's project restructuring, from the original three-tier architecture to upgrade to the micro-service architecture (accurate is the service, not exactly the degree of micro, granularity is not so fine), follow the Restfull specification, so that the front and rear end completely separated, to achieve a large front-end thinking. Because it is the first attempt, halfway also encountered a lot of problems. Let's talk about one of these issues today, when Webapi cross-domain data interactions with front-end Ajax, because they are under a different level two domain name (the same domain name), the cookie data cannot be retrieved.
It also solves the problem by transmitting cookies to their webapi through the head (header) at the very beginning.
Another solution is described below.
Resolution process:
Step one: Set the domain of the cookie to a domain name, for example: ". Wbl.com" (under a.wbl.com domain name)
This is the premise that when a cookie is set in one of the WEBAPI, it can be obtained by accessing the other WEBAPI directly with the browser. For example, cookies are provided under the a.wbl.com domain name, and the Webapi of the b.wbl.com domain name accessed directly from the browser can be obtained through cookies. However, with the Ajax access b.wbl.com under the c.web.com domain name, it is not possible to obtain cookies, which is due to the relatively low permissions of Ajax in the browser and the inability of Ajax to cross-domain issues.
Write the Cookie code:
<summary>////for specified Cookies///</summary>// <param name= "Cookkey" >cookies name </param> //<param name= "value" >cookies value </param> //<param name= "domain" > settings with this The domain of the cookie (for example: ". tpy100.com") (Can make a level two domain name access under the domain name) </param> public static void Setcookiesvalue (String cookkey, String value, String domain) { HttpCookie cookie = new HttpCookie (cookkey); Cookies. value = value; Cookies. HttpOnly = true; if (!string. IsNullOrEmpty (domain) && domain. Length > 0) cookies. domain = domain; HTTPCONTEXT.CURRENT.RESPONSE.COOKIES.ADD (cookie); }
Step Two: Ajax uses JSONP data types to solve cross-domain issues (c.wbl.com domain name)
The front and back end needs to define a uniform callback (Callback) function name.
Front-end AJAX code:
Set the cookie function set () { var url = "http://a.wbl.com/api/setvalue/888888"; $.ajax ({ type: "Get", Url:url, dataType: "Jsonp", jsonp: "Callbackparam",// The service side is used to receive parameter Jsonpcallback for the function name of the callback call : "Success_jsonpcallback",//callback's function names success: function (JSON) { console.log (JSON); alert (JSON); }, error:function () { alert (' Fail ');}} ); Get the cookie function get () { var url = "Http://b.wbl.com/api/getvalue"; $.ajax ({ type: "Get", Url:url, dataType: "Jsonp", jsonp: "Callbackparam",// The service side is used to receive parameter Jsonpcallback for the function name of the callback call : "Success_jsonpcallback",//callback's function names success: function (JSON) { console.log (JSON); alert (JSON); }, error:function () { alert (' Fail ');}} );
Step three: Return JSONP data type in WEBAPI
JSONP format:
success_jsonpCallback({“Cookies”:”888888”})
Since this format differs from the JSON format, it is only possible to return the Ihttpactionresult or httprequestmessage type in the Webapi, and finally the output of the stream is implemented in this format.
Webapi Code:
[Route ("Api/getvalue")] [HttpGet] public void GetValue () {String CCC = MyTools.Request.GetString ("Callbackparam"); var a = new {name = "Cookie", value = MyTools.Cookies.GetCookiesValue ("name")}; string result = CCC + "({\" cookies\ ": \" "+ MyTools.Cookies.GetCookiesValue (" name ") +" \ "})"; var response = Request.createresponse (Httpstatuscode.ok); Response. Content = new Stringcontent (result, Encoding.UTF8); HttpContext.Current.Response.Write (result); HttpContext.Current.Response.End (); return response; } [Route ("Api/setvalue/{id}")] [httpget] public void SetValue (int id) {//string domain = ""; String domain = ". wbl.com"; MyTools.Cookies.ClearCookies ("name", domain); MyTools.Cookies.SetCookiesValue ("name", ID.) ToString (), domain); String CCC = MyTools.Request.GetString ("Callbackparam"); string result = CCC + "({\" result\ ": \" set success \ "})"; HttpContext.Current.Response.Write (result); HttpContext.Current.Response.End (); }
Final effect:
After statement:
This is just one way to solve this problem. After Baidu also has a third-party plug-in (Cross-origin, help Page) to deal with, follow-up in the experiment. You pass the great God if there is a better way, hope not stingy, please enlighten! Rookie Thank you!