当Cookie通过http标头发送到浏览器时，是否将其添加到客户端浏览器? [英] When a cookie is sent via http header to a browser will it be added to the client browser?

问题描述

我正在尝试与API建立连接.当我对此API调用方法时，它会通过HTTP标头发送一个cookie值作为响应.

I am trying to make connection with an API. When I call a method to this API, it respond with a cookie value sent via HTTP headers.

此标头会自动添加到客户端我的浏览器"吗?还是我必须先解析请求并使用 setCookie 创建cookie?

Will this header be automatically added to the client "my browser?" or do I have to parse the request first and create a cookie using setCookie?

如果它不会自动添加cookie，是否有办法?

if it does not add the cookies automatically, is there a way to do so?

推荐答案

它将由您的http客户端自动处理(您无需手动设置).服务器应使用Set-Cookie标头(而不是cookie)进行响应，然后客户端将保存该cookie，并在下次请求时将其发送.

It'll be handled automatically by your http client (you don't need to set it manually). Server should respond with Set-Cookie header (not with cookie), then client will save that cookie, and send it on next requests.

设置Cookie

使用HTTP Set-Cookie标头设置Cookie，并在HTTP响应中发送.此标头指示浏览器存储cookie，并在将来的请求中将其发送回服务器(当然，如果浏览器不支持cookie或已禁用cookie，则浏览器将忽略此标头).

Cookies are set using the HTTP Set-Cookie header, sent in an HTTP response. This header instructs the browser to store the cookie and send it back in future requests to the server (the browser will, of course, ignore this header if it does not support cookies or has disabled cookies).

作为示例，浏览器将其第一个请求发送到www.example.org网站的首页:

As an example, the browser sends its first request to the homepage of the www.example.org website:

GET /index.html HTTP/1.1
Host: www.example.org
...

服务器使用两个Set-Cookie标头进行响应:

The server responds with two Set-Cookie headers:

HTTP/1.0 200 OK
Content-type: text/html
Set-Cookie: theme=light
Set-Cookie: sessionToken=abc123; Expires=Wed, 09 Jun 2021 10:18:14 GMT
...

服务器的HTTP响应包含网站主页的内容.但是它也指示浏览器设置两个cookie.第一个主题"被认为是会话" cookie，因为它没有Expires或Max-Age属性.会话cookie通常在浏览器关闭时被浏览器删除.第二个"sessionToken"包含一个"Expires"属性，该属性指示浏览器在特定的日期和时间删除cookie.

The server's HTTP response contains the contents of the website's homepage. But it also instructs the browser to set two cookies. The first, "theme", is considered to be a "session" cookie, since it does not have an Expires or Max-Age attribute. Session cookies are typically deleted by the browser when the browser closes. The second, "sessionToken" contains an "Expires" attribute, which instructs the browser to delete the cookie at a specific date and time.

接下来，浏览器发送另一个请求，以访问网站上的spec.html页面.该请求包含一个Cookie标头，其中包含服务器指示浏览器设置的两个Cookie.

Next, the browser sends another request to visit the spec.html page on the website. This request contains a Cookie header, which contains the two cookies that the server instructed the browser to set.

GET /spec.html HTTP/1.1
Host: www.example.org
Cookie: theme=light; sessionToken=abc123
...

这样，服务器知道此请求与上一个请求有关.服务器会通过发送请求的页面来回答，并可能还会使用Set-Cookie标头添加其他cookie.

This way, the server knows that this request is related to the previous one. The server would answer by sending the requested page, and possibly adding other cookies as well using the Set-Cookie header.

服务器可以通过响应页面请求而包含Set-Cookie标头来修改cookie的值.然后，浏览器将旧值替换为新值.

The value of a cookie can be modified by the server by including a Set-Cookie header in response to a page request. The browser then replaces the old value with the new value.

cookie的值可以包含任何可打印的ASCII字符(！至〜，Unicode \ u0021至\ u007E)，但不包括和；并排除空格.Cookie的名称不包括相同的字符以及=，因为这是名称和值之间的分隔符.Cookie标准RFC 2965具有更多限制，但不能由浏览器实现.

The value of a cookie may consist of any printable ASCII character (! through ~, unicode \u0021through \u007E) excluding , and ; and excluding whitespace. The name of a cookie excludes the same characters, as well as =, since that is the delimiter between the name and value. The cookie standard RFC 2965 is more limiting but not implemented by browsers.

饼干屑"一词有时用于表示Cookie的名称/值对.

The term "cookie crumb" is sometimes used to refer to a cookie's name-value pair.

也可以通过在浏览器中运行的脚本语言(例如JavaScript)来设置Cookie.在JavaScript中，对象document.cookie用于此目的.例如，指令document.cookie ="temperature = 20"会创建一个名称为"temperature"和值为"20"的cookie.

Cookies can also be set by scripting languages such as JavaScript that run within the browser. In JavaScript, the object document.cookie is used for this purpose. For example, the instruction document.cookie = "temperature=20" creates a cookie of name "temperature" and value "20".

请参见维基百科页面

这篇关于当Cookie通过http标头发送到浏览器时，是否将其添加到客户端浏览器?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！