PHP setcookie(),但不是子域 [英] PHP setcookie() for domain but NOT subdomains
问题描述
有什么方法可以设置子域上 不可读的cookie吗?换句话说,在 domain.com 上可以使用Cookie,但不 www.domain.com 或 xyz.domain.com 。
Is there any way to set a cookie that is not readable on subdomains? In other words, have the cookie available on domain.com, but not www.domain.com or xyz.domain.com.
//this is what i'm "intending"...
setcookie($name,$value,$expires,'/','domain.com');
//however, this is how it behaves:
setcookie($name,$value,$expires,'/','.domain.com');
推理:我在子域上设置一个静态CDN,会话cookie对于每个图像,css文件,js文件等。
The reasoning: I'm setting up a static CDN on a subdomain and don't want the user session cookies going back and forth for every image, css file, js file, etc.
...我必须回到使用 www.domain.com 我的网站?是否有任何解决方法?
...do I have to fall back to using www.domain.com for my site? Are there any workarounds?
推荐答案
显然,在domain.com上有一个与* .domain.com 是预期的行为。
Apparently, having a cookie on "domain.com" that will match "*.domain.com" is expected behaviour.
例如: PERSISTENT CLIENT STATE HTTP COOKIES 状态(一些强调我)
For instance : PERSISTENT CLIENT STATE HTTP COOKIES state (some emphasis mine) :
code> domain = DOMAIN_NAME
在搜索Cookie列表中的
有效Cookie时, cookie的
域属性是
,其中因特网域名为
从其获取URL
的主机。 ...
Tail matching表示
的域属性与主机的完全
限定域名的尾部匹配
。 A
acme.com的域属性将
匹配主机名anvil.acme.com为
以及shipping.crate.acme.com
When searching the cookie list for
valid cookies, a comparison of the
domain attributes of the cookie is
made with the Internet domain name of
the host from which the URL will be
fetched. ...
"Tail matching" means
that domain attribute is matched
against the tail of the fully
qualified domain name of the host. A
domain attribute of "acme.com" would
match host names "anvil.acme.com" as
well as "shipping.crate.acme.com".
只有指定域中的主机
才能为域设置cookie,
域必须至少有两个)
或三(3)个周期到
防止以下形式的域:.com,
.edu和va.us。
在以下仅列出的七个特殊
顶级域之一中失败的任何域
需要两个期间。任何其他域
需要至少三个。七个
特殊顶级域是:COM,
EDU,NET,ORG,GOV,MIL和
INT / p>
Only hosts within the specified domain can set a cookie for a domain and domains must have at least two (2) or three (3) periods in them to prevent domains of the form: ".com", ".edu", and "va.us". Any domain that fails within one of the seven special top level domains listed below only require two periods. Any other domain requires at least three. The seven special top level domains are: "COM", "EDU", "NET", "ORG", "GOV", "MIL", and "INT".
因此,您必须:
- 对您的网站使用
www.domain.com - 或对您的静态内容使用完全不同的域名像
.anotherdomain.com)
- 例如,这是在stackoverflow:静态内容由sstatic.net提供
这篇关于PHP setcookie(),但不是子域的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
