servlet 设置 cookie 安全吗?
问题描述:
javax.servlet.http.Cookie implements java.lang.Cloneable
在 Cookie 方法中,有一个方法调用 "setSecure" ,它有什么用?如果我设置了安全(真),我需要在我的客户端(javascript)端做什么来读取 cookie?设置/不设置 setSecure 有何不同?
In Cookie method, there is a method call "setSecure" , what does it use for? if i setSecure(true), is there anything i need to do on my client(javascript) side to read the cookie? what is different set/without setSecure?
答
setSecure(true) 是告诉浏览器只有在使用安全"协议时才应将 cookie 发送回服务器,像https.您的 JavaScript 代码不必做任何不同的事情.
All that setSecure(true) does is tell the browser that the cookie should only be sent back to the server if using a "secure" protocol, like https. Your JavaScript code doesn't have to do anything different.