阅读说明：本技术 用于防止域门户上会话固定的系统和方法 (System and method for preventing session pinning on a domain portal ) 是由 罗伊·尤达森 俄林·阿尔夫·埃林森 伊泰·杜乌德瓦尼 奥伦·哈菲夫 于 2017-05-26 设计创作，主要内容包括：在一个实施例中,方法包括系统从用户的设备接收请求,该请求被定向到第一主机。系统可以生成密钥、验证令牌和加密密钥。系统可以从第一主机向设备传输验证令牌和加密密钥,并且传输指令,指令被配置成使得：(1)验证令牌被存储为与第一主机相关联的cookie,以及(2)设备向第二主机传输加密密钥。系统可以从设备接收包括加密密钥的第二请求,并在确定加密密钥之前未被解密过时对其进行解密以获得密钥。系统可以从第二主机向设备传输密钥,并指示设备将密钥存储为与第二主机相关联的cookie。(In one embodiment, a method includes a system receiving a request from a device of a user, the request directed to a first host. The system may generate a key, an authentication token, and an encryption key. The system may transmit an authentication token and an encryption key from the first host to the device, and transmit instructions configured to cause: (1) the authentication token is stored as a cookie associated with the first host, and (2) the device transmits the encryption key to the second host. The system may receive a second request from the device that includes the encryption key and decrypt the encryption key to obtain the key when it is determined that it was not decrypted before. The system may transmit the key from the second host to the device and instruct the device to store the key as a cookie associated with the second host.)