JavaScript
webe, 2018-06-02 17:53:41

How do Sessions work with AJAX?

All actions take place on https://domain.ru
Example 1: when accessing https://domain.ru/auth, a session is established on the server and a session cookie is returned.
Example 2: when accessing https://domain.ru:8881/get, a session is established on the server and a session cookie is returned.
We always go to https://domain.ru/index.html and send an AJAX GET request from this page to the addresses indicated above.
RESULTS:
For example 1:
We will have a cookie set in the browser immediately after the AJAX request is made? This cookie can be used; roughly speaking, it will be valid.
For example 2:
We will have a cookie set immediately after the AJAX request is made, but we will not be able to use it, because it will be for a different domain: we send the request to port 80, and the cookie is set for 8881?
Is that right, or am I confusing something?


2 answer(s)
Stalker_RED, 2018-06-02
@webe

Actually your question is not about sessions, as you wrote in the title, but about whether cookies are bound to a port.
If you google something like "cookie port", you will immediately find the answer: NO.

Similarly, cookies for a given host are shared across all the ports on that host, even though the usual "same-origin policy" used by web browsers isolates content retrieved via different ports.

display: block, 2018-06-02
@qork

https://tools.ietf.org/html/rfc6265#section-8.5

Cookies do not provide port isolation. If a cookie can be read by a service running on one port, the cookie is also read by a service running on a different port on the same server. If a cookie is writable by a service on one port, the cookie can also be writable by a service running on a different port on the same server. For this reason, servers SHOULD NOT run mutually untrusting services on different ports on the same host and use cookies to store sensitive security information.
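
The behaviour both answers describe, as an added example that is not part of the original thread: a simplified model of how a browser keys cookies by host and path, next to the same-origin check, which does include the port. `CookieJar`, `sameOrigin` and `demo` are hypothetical names, the `Set-Cookie` value is constructed, and the model covers host-only cookies only (no Domain, expiry or SameSite handling).

```javascript
// Same-origin policy: scheme, host AND port must all match.
function sameOrigin(a, b) {
  return new URL(a).origin === new URL(b).origin;
}

// Added example, simplified model: a cookie jar keyed the way RFC 6265 keys
// cookies, by host and path, never by port.
class CookieJar {
  constructor() { this.cookies = []; }
  // Store a cookie from a Set-Cookie header received in the response to `url`.
  store(url, setCookie) {
    const u = new URL(url);
    const [pair, ...attrs] = setCookie.split(';').map(s => s.trim());
    const eq = pair.indexOf('=');
    const pathAttr = attrs.find(a => a.toLowerCase().startsWith('path='));
    // RFC 6265 default-path: the request path up to its right-most "/".
    const defaultPath = u.pathname.slice(0, u.pathname.lastIndexOf('/')) || '/';
    this.cookies.push({
      name: pair.slice(0, eq),
      value: pair.slice(eq + 1),
      host: u.hostname, // u.port is deliberately not recorded
      path: pathAttr ? pathAttr.slice(5) : defaultPath,
      secure: attrs.some(a => a.toLowerCase() === 'secure'),
    });
  }
  // Build the Cookie header that would accompany a request to `url`.
  headerFor(url) {
    const u = new URL(url);
    return this.cookies
      .filter(c => c.host === u.hostname)            // port is not compared
      .filter(c => u.pathname.startsWith(c.path))    // simplified prefix match
      .filter(c => !c.secure || u.protocol === 'https:')
      .map(c => `${c.name}=${c.value}`)
      .join('; ');
  }
}

// The question's example 2: the cookie is set by the service on port 8881.
function demo() {
  const page = 'https://domain.ru/index.html';
  const api = 'https://domain.ru:8881/get';
  const jar = new CookieJar();
  jar.store(api, 'sid=constructed-value; Secure; HttpOnly'); // constructed header
  return {
    crossOrigin: !sameOrigin(page, api),
    sentToDefaultPort: jar.headerFor('https://domain.ru/auth'),
    sentToOtherHost: jar.headerFor('https://other.domain.ru/auth'),
  };
}
```

In a real browser the AJAX request from `index.html` to port 8881 is cross-origin, so the `Set-Cookie` in its response is stored only when the request is sent with credentials (`xhr.withCredentials = true` or `fetch(url, { credentials: 'include' })`) and the server's CORS response allows them.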
