I have a site that uses www.example.com for standard pages and secure.example.com for HTTPS.I am trying to set a cookie when user logs in that will be valid on both the HTTP & HTTPS versions of the site.
我这样做是通过将路径设置为/和域到.example.com。这在Firefox和Internet Explorer中工作正常,但在Chrome中,Cookie仅在设置的网站版本上有效(或)
I am doing this by setting path to "/" and domain to ".example.com". This works fine in Firefox and Internet Explorer, but in Chrome the cookie is only working on the version of the site where it was set (http://www.example.com or https://secure.example.com)
Is this a bug or am I doing something wrong? If it's a bug is there a workaround?
The cookie is being set by PHP in headers.
You cannot set a cookie for both HTTP and HTTPS at the same time. You need to set two separate cookies, one for HTTP and one for HTTPS:
setcookie("login", base64_encode($email."::".md5($password)), 2840184012, "/", ".example.com");
setcookie("login", base64_encode($email."::".md5($password)), 2840184012, "/", ".example.com", true);
只有在 ,因为您只能通过HTTPS设置安全Cookie。
This does only work if you set the cookies in https://secure.example.com as you can only set secure cookies via HTTPS.
Oh, and by the way: Do not store the authentication information in a cookie! Use a once valid authentication token instead.
这篇关于Google Chrome浏览器Cookie - HTTP& HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!