The problem of ID inconsistency in Java session Save and get verification code get

A few months ago because I learned a part of Java EE, so recently prepared to write a small project, so I ran into some problems for a Java rookie, I need to save

What kind of problem, that is, I added a verification code in the registration and is Chinese, four word idiom verification code,

First use Java to generate verification code and verification Code picture, call the verification Code interface, the verification code using the session to save the client, and send pictures to the front-end display,

Then click on the registration, the front-end to pass the user input verification code to the background, the background to obtain the user input verification code and use session to get saved in the client's verification code comparison, correct or not

But!!!!!!!!!!!!!!!!!!!!!!! But, but, but

Save Session Code

Request.getsession (). SetAttribute ("code_session", word);

Get Session Code

String usercode_session = (string) request.getsession (). getattribute ("Code_session");

I saved, get the time to get is empty, code no problem, for my Java rookie to find backstage colleagues to help me, but others also depressed, others generally use the framework, the bottom of the forgotten, but said code no problem AH

My colleague suggested I use cookies to save, but the cookie should not be safe, the front-end JS can be obtained, but I change is ready to try, first the function completed

Results!!!!!!!!!!!!!!!!!!!!!!! Page News 500

The original cookie does not support Chinese preservation, I remember the front-end seemingly can save Chinese, backstage incredibly not,

Forget it, I'll save it with the session

And then we print the session ID to see

Print the ID code of the session

Request.getsession (). GetId ()

Found two times ID is not an ID, the ID of the saved session has not changed, but the acquisition has been changing

It took three or four hours, I found the cause of the problem, the original people say there is a cross-domain problem

So the solution

1. Add a cross-domain to the front-end Ajax

$.ajax ({    ' POST ',    url:url,    data:data,    dataType:' json ',    success: Callback,    error:function(e) {      console.log (e)    },    xhrfields: {        True    }  );

2. Background code (added in this interface)

        Response.setheader ("Access-control-allow-origin", Request.getheader ("Origin"));

It's settled, flattered.

The problem of ID inconsistency in Java session Save and get verification code get