Cookie First used to identify and authenticate a user , The process is divided into the following steps :

1. The server sends... To the client Cookie

2. The browser will Cookie preservation

3. After that, every time the browser serves the server, it will Cookie To the server side

-----------------------------------------------------------------------------------------------------------------------------------------------------------

Cookie example : name=value; Path=/; Expires=Sun, 23-Apr-23 09:01:35 GMT; Domain=.domain.com;

Cookie There are several main options :

Path by Cookie On the server side of the directory , The default is /, It's the root directory , Suppose the same server has the following directory first : /test/,/test/cd/,/test/dd/, Now set cookie1 Of path by /test/, cookie2 Of path by /test/cd/,

that test All pages can be served in the next page cookie1, And only /test/cd/ The next page can access cookie2

Domain by Cookie The domain , The default is the domain name in the requested address , Suppose the web address is www.jb51.net/test/a.html, that domain The default is www.jb51.net,

If cross domain service , Such as domain A by t1.test.com, Domain B by t2.test.com, So we need to generate a system that can be accessed on both sides Cookie You have to set it to .test.com,

To be in the domain A Generate a A Can't access and B Accessible Cookie You have to set it to t2.test.com;

Expires by Cookie Expiration time , For one UTC Format time string , If it is not set, it will be cleared when the browser is closed , Generally no problem , But when the time of the server and the client does not match, there will be a deviation

Max-Age by Cookie Storage time , In order to solve the deviation phenomenon as expires An alternative to , The unit is in seconds ;

HttpOnly Tell the browser that you are not allowed to go through document.cookie Zone change Cookie, But set it to true when , This Cookie It's in document.cookie Not visible in , But it happened HTTP When asked , Still will this Cookie Send to the server ;

Secure When its value is true when , Only in HTTPS Effective in ,HTTP Invalid in request

Cookie urinate 2 More articles about

  1. Super large Cookie Denial of service attacks

    Have you ever thought about it , If the website's Cookie Very much, very big , What will happen ? Not much to say , Let's try it out right now : for (i = 0; i < 20; i++) document.cookie = i + '= ...

  2. IE10、IE11 User-Agent As a result of ASP.Net Website cannot write Cookie problem

    Have you ever encountered a problem when using a Cookie When operating the website or management system ,IE 6.7.8.9 I'm running well , It's the only way to get there. IE10.11 These advanced browsers will not work ? ok , This problem is code continuous 2 Within days 2 Time . that , We ...

  3. solve cookie Cross domain access

    One . Preface With more and more project modules , Many modules are now deployed independently . Communication between modules may sometimes be through cookie To complete . For example, portals and Applications , Deployed on different machines or web In the container , If the user logs in and writes to the browser client c ...

  4. jquery The usage of plug-ins cookie plug-in unit

    One . Use cookie plug-in unit Plug in official website download address :http://plugins.jquery.com/cookie/ cookie The usage of plug-ins is relatively simple , Paste the following code example directly : // Generate a cookie ...

  5. A weird COOKIE problem

    This afternoon, , I found that the local test environment suddenly couldn't run ,thinkphp Go straight to the exception page , According to the normal way of thinking , Look directly at thinkphp Of log There is a [ error ] [2]setcookie() expects ...

  6. [ Reprint ]Cookie/Session The mechanism and security of

    Cookie and Session It's for the sake of being in the stateless HTTP Maintain session state over protocol , So that the server can know which client is dealing with . This paper discusses in detail Cookie and Session Implementation mechanism , And the security issues involved . because ...

  7. jquery.cookie Use

    Today, I thought of adding praise to my video diary , And you need to use cookie. Remember the original js operation cookie It's not too much trouble , But it seems jquery It's simpler , But compared to the original js, Additional introduction required 2 File , It doesn't seem very good , but ...

  8. Cross-domain problem , The front-end actively sends to the background cookie

    What is cross domain ? Access resources from one domain page to another , There will be cross domain . As long as the agreement . port . If there is a difference in domain name, there will be cross domain for example : 1. Different agreements  http://www.baidu.com:80 and https:/ ...

  9. 【 Traffic hijacking 】 Rage in silence —— Cookie Great eruption

    Lite version :http://www.cnblogs.com/index-html/p/mitm-cookie-crack.html Preface Last article Explained how to use front-end technology , Create a better environment than SSLStrip more ...

Random recommendation

  1. jQuery Of dom operation ( Two ) turn

    addClass() Add the specified class name... To the matching element . after() Insert content after matching elements . append() Append content inside the matched element . appendTo() Append content inside the matched element . attr ...

  2. lua simplify cocos2dx Of Action Animation sequence

    scene When writing code today , I want to write a very common animation , It's getting bigger and smaller to simulate the elastic driving foot , It's very common, but it's troublesome to write , It's a lot easier to package and use . Of course, I also know there are slow motion animations (EaseAction) Can achieve the rebound effect , But it's not heavy ...

  3. 【mysql Design and optimization of (1)】ER chart , Data modeling and data dictionary

    Requirement analysis is a very important part of a project , And as part of the whole project ' blood '-- data , More importantly .viso,workbench,phpmyadmin And other software can help us better deal with data analysis problems . ER chart E-R The method is & ...

  4. GIT_linux The server is built with the local environment

    linux install git package quite a lot yum Automatically installed on the source git Version is 1.7, Here, manually compile and re install 1: Install dependency packages yum install curl-devel expat-devel gettext-devel ...

  5. Tencent engineers teach you to play RocksDB

    Welcome to cloud + Community , Get more Tencent mass technology practice dry goods ~ author : Tencent cloud database kernel team Original title :[ Tencent cloud CDB] Teach you to play MyRocks/RocksDB-STATISTICS With the background thread 0. Intro ...

  6. utilize window.name+iframe Cross domain access to interface data

    Recently I did a form advertisement , You need to read data from the interface , After that, I found that Google and Firefox are normal ,360 Compatible and IE The browser can't get the data , Here's a sharp contrast :      Debugging found an error : Then the development changes the interface to support windowname, In limine ...

  7. Microblog third party login use social_django Realize the display of login user name

    The first change social_soce Source code , Add user information to cookie Change it to :  response =  backend.strategy.redirect(url)    payload = jwt ...

  8. Unity3d Platformer Pro 2D Game development framework using tutorial

    Preface Platformer Pro The frame is Unity3d AssetStore The last one was very powerful and popular 2d Game development framework , Most of this tutorial is translated into official documents , One part is the work summary , There is also a part of the video tutorial documentation . This ...

  9. C# A simple example of reflection mechanism

    using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.R ...

  10. log4cpp Easy to use and step on the pit

    log4cpp yes log4j An extension of , C++ Developers can use this library to log , It can be output to the terminal , It can also be saved to a file . The following is simple demo Show how to output log to output terminal . #include <iostream> ...