Store Temporary Variables Using PHP? -
okay, on website, have lot of embedded pages twitch. below embeds, have authorization flow people can log twitch , click follow button.
normally, flow start at: mydomain.com/channel/name
, , @ end of flow, returned mydomain.com/auth
. originally, had start url stored in browser session storage using javascript; , when reach final auth endpoint, use javascript , pull session storage , relocate them original url.
this has been working great... however, 1 of features have on website ability use custom canonical urls proxy channel on website. use theirdomain.com
proxy mydomain.com/channel/them
.
this created issue session storage since session storage follows cross-domain restrictions. start @ theirdomain.com
, end @ mydomain.com/auth
. since domains don't match, can't access session storage forward them original url.
i using php, i'm wondering best way around this. figure instead of storing start url in session storage, can save using ajax temporary storage using php, linked ip addresses. however, don't know how this.
does php have sort of temporary storage system definable ttl? works across multiple domains? (it same server)
if request proxied same application session accessible, it's session identifier (which stored in cookie, hence cross domain issue) causing problem.
what can pass session identifier 1 domain on transition other domain, part of request, when leap theirdomain.com
to example.com
link formatted http://example.com/blah/?session_id=[session_id_from cookie]
(ideally using https).
then on on example.com grab session_id , use set session_id in cookie domain, , load session source domain.
this can used session hijacking, can having session_id in cookie, it's ok do, though using https endpoints improve security.
Comments
Post a Comment