I have bookmarklet. If I open a random page (not mine) and click the

Question

0

Asked: May 27, 20262026-05-27T09:33:07+00:00 2026-05-27T09:33:07+00:00

I have bookmarklet. If I open a random page (not mine) and click the

0

I have bookmarklet. If I open a random page (not mine) and click the bookmarklet, I would like to check if the user is logged in on my page.

I am already doing Cross-Domain AJAX Request using Access-Control-Allow-Origin, but it looks like there is not Session ID or cookie send here.

Is there a way to do this?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T09:33:08+00:00

Alex is right! Here the full solution. (It does not work with IE8 and IE9!)

You need to set withCredentials on the client side. Since jQuery 1.5.1 you can do it like shown below (Source). For older Version follow the white rabbit.

$.ajax({
   url: a_cross_domain_url,
   xhrFields: {
      withCredentials: true
   }
});

On the server side you have to allow setting options, allow the credentials and allow to origin. Wildcard origin is not allowed! But you can read out the origin from the request header 🙂

// auto adapted Access Control to origin from request header.
$headers = apache_request_headers();
foreach ($headers as $header => $value) {
    if ($header == 'Origin')
        header('Access-Control-Allow-Origin: ' . $value, true);
}
// send cookies from client
header('Access-Control-Allow-Credentials: true', true);
// allow all methods
header('Access-Control-Allow-Methods: GET, POST, OPTIONS', true);

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have bookmarklet. If I open a random page (not mine) and click the

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply