Как работают куки-файлы браузера?

Из-за странных проблем с файлами / поддоменами, которые я получаю, мне хотелось бы узнать, как браузеры обрабатывают файлы cookie. Если они делают это по-разному, было бы также хорошо узнать различия.

Другими словами - когда браузер получает cookie, этот cookie МОЖЕТ иметь домен и привязанный к нему путь. Или нет, в этом случае браузер, вероятно, заменяет некоторые значения по умолчанию для них. Вопрос 1: что это?

Позже, когда браузер собирается сделать запрос, он проверяет свои куки и отфильтровывает те, которые он должен отправить для этого запроса. Это делается путем сопоставления их с путем запросов и доменом. Вопрос 2: каковы правила соответствия?

Added:

Причина, по которой я спрашиваю об этом, заключается в том, что я заинтересован в некоторых крайних случаях. Подобно:

Will a cookie for .example.com be available for www.example.com? Will a cookie for .example.com be available for example.com? Will a cookie for example.com be available for www.example.com? Will a cookie for example.com be available for anotherexample.com? Will www.example.com be able to set cookie for example.com? Will www.example.com be able to set cookie for www2.example.com? Will www.example.com be able to set cookie for .com? Etc.

Added 2:

Кроме того, кто-то может подсказать, как мне установить cookie, чтобы:

It can be set by either www.example.com or example.com; It is accessible by both www.example.com and example.com.

Ответы на вопрос(8)

Error: User Rate Limit Exceeded

Error: User Rate Limit ExceededError: User Rate Limit ExceededError: User Rate Limit Exceeded

Error: User Rate Limit Exceeded

  • The origin domain of a cookie is the domain of the originating request.

  • If the origin domain is an IP, the cookie's domain attribute must not be set.

  • If a cookie's domain attribute is not set, the cookie is only applicable to its origin domain.

  • If a cookie's domain attribute is set,

    • the cookie is applicable to that domain and all its subdomains;
    • the cookie's domain must be the same as, or a parent of, the origin domain
    • the cookie's domain must not be a TLD, a public suffix, or a parent of a public suffix.

Error: User Rate Limit Exceeded

Error: User Rate Limit Exceeded.foo.comError: User Rate Limit Exceededfoo.com

Error: User Rate Limit Exceeded

  • x.y.z.com can set a cookie domain to itself or parents - x.y.z.com, y.z.com, z.com. But not com, which is a public suffix.
  • a cookie with domain=y.z.com is applicable to y.z.com, x.y.z.com, a.x.y.z.com etc.

Error: User Rate Limit Exceededcom, edu, uk, co.uk, blogspot.com, compute.amazonaws.com

Решение Вопроса

Error: User Rate Limit ExceededError: User Rate Limit Exceeded (Set-Cookie2Error: User Rate Limit ExceededError: User Rate Limit ExceededError: User Rate Limit ExceededshouldError: User Rate Limit ExceededError: User Rate Limit Exceeded.

Error: User Rate Limit ExceededDomainError: User Rate Limit ExceededSet-CookieError: User Rate Limit Exceeded

  • If the Set-Cookie header field does not have a Domain attribute, the effective domain is the domain of the request.
  • If there is a Domain attribute present, its value will be used as effective domain (if the value does not start with a . it will be added by the client).

Error: User Rate Limit ExceededError: User Rate Limit ExceededError: User Rate Limit Exceeded


Error: User Rate Limit Exceeded

  • Cookie with Domain=.example.com will be available for www.example.com
  • Cookie with Domain=.example.com will be available for example.com
  • Cookie with Domain=example.com will be converted to .example.com and thus will also be available for www.example.com
  • Cookie with Domain=example.com will not be available for anotherexample.com
  • www.example.com will be able to set cookie for example.com
  • www.example.com will not be able to set cookie for www2.example.com
  • www.example.com will not be able to set cookie for .com

Error: User Rate Limit Exceededwww.example.comError: User Rate Limit Exceededexample.comError: User Rate Limit Exceeded.www.example.comError: User Rate Limit Exceeded.example.comError: User Rate Limit Exceeded.www.example.comError: User Rate Limit Exceededfoo.www.example.comError: User Rate Limit Exceededbar.www.example.comError: User Rate Limit Exceeded.example.comError: User Rate Limit Exceededexample.comError: User Rate Limit Exceededfoo.example.comError: User Rate Limit Exceededbar.example.com).

Error: User Rate Limit Exceeded

Error: User Rate Limit ExceededError: User Rate Limit Exceededorigin serverError: User Rate Limit ExceededwarningError: User Rate Limit Exceededexample.comError: User Rate Limit Exceeded

Error: User Rate Limit ExceededError: User Rate Limit Exceeded.

Error: User Rate Limit Exceeded

  • cookie attribute Domain=.example.com is equivalent to Domain=example.com
  • cookies with such Domain attributes will be available for example.com and www.example.com
  • cookies with such Domain attributes will be not available for another-example.com
  • specifying cookie attribute like Domain=www.example.com will close the way for www4.example.com

Error: User Rate Limit Exceeded

Error: User Rate Limit Exceeded

Error: User Rate Limit Exceeded

Error: User Rate Limit ExceededError: User Rate Limit Exceeded

Error: User Rate Limit Exceeded

Error: User Rate Limit Exceeded

Error: User Rate Limit Exceeded

Error: User Rate Limit Exceeded

Error: User Rate Limit Exceeded

Error: User Rate Limit Exceeded

Error: User Rate Limit ExceededError: User Rate Limit ExceededError: User Rate Limit Exceeded

Will www.example.com be able to set cookie for .com?

Error: User Rate Limit Exceededexample.com.frError: User Rate Limit Exceededexample2.com.frError: User Rate Limit ExceededError: User Rate Limit Exceeded

Error: User Rate Limit Exceededo2.ieError: User Rate Limit Exceededo2online.ieError: User Rate Limit Exceeded

Error: User Rate Limit ExceededError: User Rate Limit ExceededError: User Rate Limit Exceeded

Error: User Rate Limit Exceeded

Error: User Rate Limit Exceeded


Response to Added:

  • Will a cookie for .example.com be available for www.example.com? Yes
  • Will a cookie for .example.com be available for example.com? Don't Know
  • Will a cookie for example.com be available for www.example.com? Shouldn't but... *
  • Will a cookie for example.com be available fo,r anotherexample.com? No
  • Will www.example.com be able to set cookie for example.com? Yes
  • Will www.example.com be able to set cookie for www2.example.com? No (Except via .example.com)
  • Will www.example.com be able to set cookie for .com? No (Can't set a cookie this high up the namespace nor can you set one for something like .co.uk).

*Error: User Rate Limit Exceededexample.comError: User Rate Limit Exceeded.example.com.

Ваш ответ на вопрос