How to transfer session from domain to domain?

M

Mikhail Shatilov2014-08-02 18:35:27

PHP

Mikhail Shatilov, 2014-08-02 18:35:27

The plan was as follows: on the 1st site you added to the cart, on the 2nd site you also see the product.
Implementation:
When visiting 1 site, js makes a request to the desired url and gets the session id of the current user on another site. But it was not there. The session requested by js-com is different every time.

Session giving file:

$session_id = session_id();
    
    if ($session_id) {
      $res = array(
        'session_id'=>session_id()
      );
      header('Access-Control-Allow-Origin: *');
      echo json_encode($res);
    }

How to get the session id on another site for the current user?

ps Both sites are on the same server.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexander Melekhovets, 2014-08-02
@iproger

session_id is different every time, because the session starts anew every time. This is due to the fact that cookies (including session cookies) are not transmitted by default during CORS requests. In order to be passed, you need to 1) set XMLHttpRequest with withCredentials = true and 2) explicitly specify in Access-Control-Allow-Origin the domain from which the request is allowed, "*" does not work for security reasons.