I am really confused on this problem. Hope you could give me some hints!
First, there is a test.html which host on client server and with a button. Then, the below ajax code is called when button is clicked. A new window will be popped out.
test.html
$.ajax({
crossDomain: true,
xhrFields: {
withCredentials: true
},
type: 'POST',
url: 'a.com/a.aspx', //the server file
data: 'data=sth',
contentType: "application/x-www-form-urlencoded; charset=utf-8",
dataType: "text",
success: function (data) {
if (win != null) {
if (win.opener == null) {
win.opener = self;
}
win.location.href = data; //return the url of website B
if (win.focus) win.focus();
}
},
error: function (data) {
alert("");
}
});
After that, the return data would navigate the new window to website B.
For cors ajax call, I have added
crossDomain: true,
xhrFields: {
withCredentials: true
}
to the test.html and
<add name="Access-Control-Allow-Origin" value="//client domain" />
<add name="Access-Control-Allow-Headers" value="Content-Type" />
<add name="Access-Control-Allow-Method" value="POST,OPTIONS"/>
<add name="Access-Control-Allow-Credentials" value="true"/>
to the server's web.config
The problem is, in the new window, the cookies is reset after navigating to website B.
Updates
win.location.href = 'a.com'; // it works
win.location.href = other domain; // cookies is reset
I found that win.location.href makes session lost with cross domain. How to deal with it?
