如果您可以解决此问题_Cookies [英] If You Can Resolve This Problem_Cookies
本文介绍了如果您可以解决此问题_Cookies的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
HttpCookie hc = new HttpCookie("PersianSource");
hc.Expires = DateTime.Now.AddYears(10);
hc.Value = "123:;456";
Response.Cookies.Add(hc);
if (Request.Cookies["PersianSource"] != null)
{
string c = Request.Cookies["PersianSource"].Value;
}
如果您看到FireFox 123中的Cookies:; 456,请不要保存!
FireFox仅保存123:
仅保存Arive字符'':''
为什么???它很有趣:-)
if you see Cookies In FireFox 123:;456not Save!!!
FireFox Save Only 123:
only Save Arive Character '':''
Why????!!!its Funny:-)
推荐答案
根据非常古老的cookie规范: ^ ]您不能使用分号和cookie中的其他字符-而且仍然存在,具体取决于浏览器.
对它们进行编码: http://msdn.microsoft.com/zh-cn/library/4fkewx0t(v = vs.100).aspx [ ^ ]和 http://msdn.microsoft.com/en-us/library/adwtk1fy(v = vs.100).aspx [
According to the very old cookie specification: http://curl.haxx.se/rfc/cookie_spec.html[^] you can''t use semicolon, and a bunch of other characters in cookies - and this is still there, depending on browser.
Encode them: http://msdn.microsoft.com/en-us/library/4fkewx0t(v=vs.100).aspx[^] and http://msdn.microsoft.com/en-us/library/adwtk1fy(v=vs.100).aspx[^]
HttpUtility.UrlEncode(myCookieData);
HttpUtility.UrlDecode(myEncodedCookieData);
是的,因为";
"在此处用作终止符.它会破坏名称,并将第一部分(在;
之前)作为您的cookie的实际名称.为什么要在Cookie名称中使用";
"(分号)?
请点击以下链接:
SQL注入攻击示例 [ WIKI:SQL注入 [ ^ ]
--Amit
Yes because ";
" is working as a terminator here. It''s breaking the name and taking the first part(before;
) as the actual name of your cookie. Why you want ";
"(Semicolon) in your cookie name?
Follow the links below:
SQL Injection Attacks by Example [^]
WIKI : SQL injection[^]
--Amit
这篇关于如果您可以解决此问题_Cookies的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文