Answer the question
In order to leave comments, you need to log in
How do Sessions work with AJAX?
All actions take place on https://domain.ru
Example 1: when accessing https://domain.ru/auth , a session is established on the server and a session cookie is returned
Example 2: when accessing https://domain.ru: 8881/get a session is established on the server and a session cookie is returned.
We always go to https://domain.ru/index.html and send an AJAX GET request from this page to the addresses indicated above.
RESULTS:
for example 1:
will we have a cookie set in the browser immediately after the AJAX request is made? This cookie can be used, it will be valid roughly speaking.
for example 2:
We will have a cookie set immediately after the AJAX request is made, but we will not be able to use it, because it will be for a different domain, we send a request for 80 times, and the cookie is set for 8881 ?
It's like that? or am I confusing something?
Answer the question
In order to leave comments, you need to log in
Actually your question is not about sessions, as you wrote in the title, but about whether cookies are bound to a port.
If you google something like "coockie port" then you will immediately find the answer: NO .
Similarly, cookies for a given host are shared across all the ports on that host, even though the usual "same-origin policy" used by web browsers isolates content retrieved via different ports.
https://tools.ietf.org/html/rfc6265#section-8.5
Cookies do not provide port isolation. If a cookie can be read by a service running on one port, the cookie is also read by a service running on a different port on the same server. If a cookie is writable by a service on one port, the cookie can also be writable by a service running on a different port on the same server. For this reason, servers SHOULD NOT run mutually untrusting services on different ports on the same host and use cookies to store sensitive security information.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question