Javascript Express会话不适用于Ajax调用
当我直接从浏览器调用Javascript Express会话不适用于Ajax调用,javascript,node.js,ajax,session,express,Javascript,Node.js,Ajax,Session,Express,当我直接从浏览器调用/test路由时,我发现会话设置正确。但是,当我在一个ajax调用中执行同样的操作时,我发现会话中没有我以前通过另一条路径添加的信息/temp 快速会话配置 { "key": "nsid", "secret": "some secret password", "cookie": { "path": "/", "httpOnly": false, "maxAge": null, "secur
/test/temp{
"key": "nsid",
"secret": "some secret password",
"cookie": {
"path": "/",
"httpOnly": false,
"maxAge": null,
"secure": false
},
"resave": true,
"saveUninitialized": true,
"proxy": null
}
router.get('/temp', (req, res) => {
const useCase = 'card';
req.session = req.session || {};
req.session.trackingInformation = {};
req.session.trackingInformation.useCase = useCase;
req.session.save();
console.log(req.session);
res.render('/temp');
});
router.get('/test', (req, res) => {
console.log(Util.inspect(req.session));
res.send({});
});
fetch('/test').then((response) => {
if (response.status >= 400) {
console.log(response.status);
}
return response.json();
}).then((json) => {
console.log(json);
//do something
});
localhost:8000/temp/test{
"cookie": {
"path": "/",
"_expires": null,
"originalMaxAge": null,
"httpOnly": false,
"secure": false
},
"_csrfSecret": "secret",
"_shared": {
"deviceInfo": {
...
}
}
}
locahost:8000/templocalhost:8000/test{
"cookie": {
...
},
"_csrfSecret": "secret",
"_shared": {
"deviceInfo": {
...
}
},
"trackingInformation": {
"useCase": "card"
}
}
答案就在ajax调用中。默认情况下,Fetch不会发送cookies。您需要通过传递
凭证:“同一来源”fetch('/test', {
credentials: 'same-origin'
}).then((response) => {
if (response.status >= 400) {
console.log(response.status);
}
return response.json();
}).then((json) => {
console.log(json);
//do something
});
查看了解更多信息。为此浪费了一个多小时,谢谢!看起来它位于文档中,只是没有突出显示()
默认情况下,fetch不会从服务器发送或接收任何cookie,如果站点依赖于维护用户会话(要发送cookie,必须发送凭据标头),则会导致未经验证的请求。