gpt4 book ai didi

用于域但不是子域的 PHP setcookie()

转载 作者:可可西里 更新时间:2023-10-31 22:40:29 26 4
gpt4 key购买 nike

有什么方法可以设置在子域上不可可读的 cookie?换句话说,让 cookie 在 domain.com 上可用,但 www.domain.comxyz.domain.com

//this is what i'm "intending"...
setcookie($name,$value,$expires,'/','domain.com');
//however, this is how it behaves:
setcookie($name,$value,$expires,'/','.domain.com');

原因:我在子域上设置静态 CDN,不希望用户 session cookie 为每个图像、css 文件、js 文件等来回传输。

...我的网站是否必须退回到使用 www.domain.com?有任何解决方法吗?

最佳答案

显然,在“domain.com”上有一个与“*.domain.com”匹配的 cookie 是预期的行为。

例如:PERSISTENT CLIENT STATE HTTP COOKIES陈述(一些强调我的):

domain=DOMAIN_NAME

When searching the cookie list for valid cookies, a comparison of the domain attributes of the cookie is made with the Internet domain name of the host from which the URL will be fetched. ...
"Tail matching" means that domain attribute is matched against the tail of the fully qualified domain name of the host. A domain attribute of "acme.com" would match host names "anvil.acme.com" as well as "shipping.crate.acme.com".

Only hosts within the specified domain can set a cookie for a domain and domains must have at least two (2) or three (3) periods in them to prevent domains of the form: ".com", ".edu", and "va.us". Any domain that fails within one of the seven special top level domains listed below only require two periods. Any other domain requires at least three. The seven special top level domains are: "COM", "EDU", "NET", "ORG", "GOV", "MIL", and "INT".

因此,您要么必须:

  • 为您的网站使用“www.domain.com
  • 或者为您的静态内容使用完全不同的域名(例如“.anotherdomain.com”)
    • 例如,这是在 stackoverflow 上所做的:静态内容由 sstatic.net 提供

关于用于域但不是子域的 PHP setcookie(),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/1417963/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com