会话Cookie与持久Cookie [英] Session Cookie vs Persistent Cookie

问题描述

我了解持久性Cookie和会话Cookie的正常应用。但是，如果您可以指定会话cookie的过期时间，使其表现得像持久性cookie，反之亦然。除了将会话cookie从用户中混淆并且将会话存储在服务器上之外，使用会话cookie有什么好处？

I understand the normal application of a persistent cookie vs a session cookie. But if you can specify the expiration time of a session cookie to behave like a persistent cookie and vice-versa. Is there any benefit to using session cookies besides them being obfuscated from the user and the session is stored on the server?

session_set_cookie_params（） code>函数允许您为会话设置特定的到期时间。您可以在 setcookie（）函数中设置持久性cookie中的时间。

session_set_cookie_params() function allows you to set a specific expiration time for a session. You can set the time in a persistent cookie in the setcookie() function.

我已经拉起线程了
Cookie VS Session 和会话cookie和永久cookie ，却找不到我的答案。

I already pulled up the threads Cookie VS Session and Session cookies and persistent cookies, and didn't find my answer.

推荐答案

但是如果您可以将会话cookie的过期时间指定为
，则其行为类似于持久性cookie，反之亦然。

But if you can specify the expiration time of a session cookie to behave like a persistent cookie and vice-versa.

不正确，会话cookie和持久性cookie之间的区别在于是否给出了 expires 的值。根据定义，会话cookie不能具有到期时间。

Not true, the difference between a session cookie and a persistent cookie is whether or not the an expires value is given. A session cookie can't have an expiration time by definition.

使用会话cookie除了
之外，还有其他好处吗？

Is there any benefit to using session cookies besides them being obfuscated from the user and the session is stored on the server?

PHP会话之类的会话ID可以存储在任一服务器中，会话cookie或持久性cookie，并且会话cookie可以包含除会话ID之外的其他信息。它们都使用会话一词，但它们是分开的。

A session ID for something like PHP sessions can be stored in either a session cookie or a persistent cookie, and session cookies can contain other information besides session IDs. They both use the word "session" but are separate things.

如果您希望当用户关闭浏览器时该cookie消失，则会话cookie是正确的选择。网上银行就是一个很好的例子-当您关闭浏览器时，用于验证您身份的Cookie应该被销毁，以使他人无法潜入您的计算机，重新打开浏览器并开始进行转帐。曾经恶作剧地改变过您的Facebook身份吗？

A session cookie is the right choice if you want the cookie to disappear when the user closes their browser. A good example is online banking - the cookie that authenticates you should be destroyed when you close the browser so someone can't sneak onto your computer, reopen the browser, and start making transfers. Ever had your facebook status or something like that changed as a prank?

这篇关于会话Cookie与持久Cookie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！