是否可以防止在每个HTTP请求中发送cookie? [英] Is it possible to prevent cookies to be sent in every HTTP request?
问题描述
我最近发现(在这里:每个Web请求是否都会发送浏览器cookie?),那么每次对同一个域发出请求时,每个HTTP请求都包含与该域相关的cookie。
I recently found (here: Does every web request send the browser cookies?) that every HTTP request contains the cookies related to a domain every time a request is made to that same domain.
鉴于此,当该请求不是通过浏览器发送的,而是例如从Node.js发送的?请求中是否可能没有信息发送?
是否也可以阻止它在浏览器请求中发送?
Given this, what happens when the request is not sent through a browser but from Node.js, for example? Is it possible that no information is sent in the request? Is it also possible to prevent it to be sent in the browser requests?
推荐答案
浏览器
无法阻止浏览器发送Cookie 。
此这就是为什么通常推荐(Yahoo开发人员最佳做法,请参阅使用无Cookie的部分组件域)可从其他不含Cookie的域中提供静态内容(如CSS,图像)。
This is why is generally it is recommended (Yahoo developer Best practice, see section Use Cookie-free Domains for Components) to serve static content like css, images, from a different domain that is cookie free.
当浏览器发出请求时对于静态图片并发送Cookie和请求,服务器对这些Cookie没有任何作用。因此,他们只会无缘无故地创建网络流量。您应确保使用无Cookie的请求来请求静态组件。创建一个子域并在其中托管所有静态组件。
When the browser makes a request for a static image and sends cookies together with the request, the server doesn't have any use for those cookies. So they only create network traffic for no good reason. You should make sure static components are requested with cookie-free requests. Create a subdomain and host all your static components there.
以编程方式
从任何一种编程语言,相反,您可以选择(是否愿意发送Cookie) 。
From any programming language, instead, you can choose if you like to send cookies or not.
Cookie管理由程序员完成,因为编写库是为了发出单个请求。
Cookie management is done by the programmer, because libraries are written to make single requests.
因此,如果您发出第一个返回cookie的请求,则需要显式读取它们,将其保存在本地,最后将它们放入第二个请求到同一服务器
So if you make a first request that return cookies, you need to explicit read them, hold them locally somewhere, and eventually put them in a second request to the same server if you need.
因此从NodeJS中,如果您未在请求中明确添加cookie,则http调用不会保留它们。
So from NodeJS if you don't explicitly add cookies in your requests the http call doesn't hold them.
这篇关于是否可以防止在每个HTTP请求中发送cookie?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
