我的后端托管在 - backend.app.localhost 上,我的前端托管在 lander.app.localhost 上
使用下面的api路由我想将cookie设置为lander.app.localhost,但不幸的是访问lander.app.localhost时cookie没有显示。
@cherrypy.tools.json_in()
@cherrypy.tools.json_out()
def POST(self):
allowed_origin = 'https://lander.app.localhost'
origin = cherrypy.request.headers.get('Origin', None)
cherrypy.session['something'] = "john"
if origin == allowed_origin:
# Extract the client's domain from the 'Origin' header
client_domain = '.' + origin.split('://')[1]
cookie = cherrypy.response.cookie
cookie['session_id'] = cherrypy.session.id
cookie['session_id']['expires'] = (datetime.datetime.utcnow() + datetime.timedelta(days=1)).strftime("%a, %d %b %Y %H:%M:%S GMT")
cookie['session_id']['path'] = '/'
cookie['session_id']['secure'] = True
cookie['session_id']['domain'] = client_domain
cherrypy.response.headers['Access-Control-Allow-Origin'] = allowed_origin
cherrypy.response.headers['Access-Control-Allow-Credentials'] = 'true'
cherrypy.response.headers['server'] = 'cherrypy'
cherrypy.response.headers['Set-Cookie'] = str(cookie)
return {'status': 'success', 'message': 'updated'}
我的 app.conf 文件看起来像这样
tools.sessions.name: "app_id"
tools.sessions.httponly: False
tools.sessions.on: True
# tools.sessions.persistent: True
tools.sessions.samesite: 'none'
tools.sessions.timeout: 1440