安全和不安全Cookie的区别 [英] Difference between secure and insecure cookies

问题描述

我正在开发一个必须维护会话的Android应用程序.我需要登录两个网站.

I am developing an Android application where I have to maintain session. There are two websites that I need to log into.

对于一个网站，当我从Cookie商店获得Cookie时，我得到的是cookie.isSecure = true.

For one website, when I get cookies from Cookie Store I get cookie.isSecure=true.

对于其他网站，我得到cookie.isSecure = false.

For other website, I get cookie.isSecure=false.

我想知道安全和不安全Cookie的区别是什么?

I would like to know what is the difference between Secure and Insecure cookies?

此值会使浏览器行为发生变化吗?

Would the browser behavior change with this value?

推荐答案

安全cookie会指示浏览器仅在通过SSL连接时将cookie发送给服务器.

A secure cookie instructs the browser that the cookie may only be sent to the server when connecting through SSL.

这些网站的URL以https://开头(请注意http后面的s)

These are sites where the URL starts with https:// (note the s after http)

不安全的cookie将同时发送到http://和https://连接.

An insecure cookie will be sent to both http:// and https:// connections.

此机制可确保始终对会话cookie(如果设置为安全)进行加密，以防止窃听.

This mechanism ensures that session cookies (if set as secure) will always be encrypted in order to prevent eavesdropping.

这篇关于安全和不安全Cookie的区别的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！