是否可以使用单个 Set-Cookie 设置多个 cookie? [英] Is it possible to set more than one cookie with a single Set-Cookie?

问题描述

一个 HTTP Set-Cookie 指令只能保存一个 cookie，对吗?我的意思是，一对 name=value ?

One HTTP Set-Cookie directive can only hold one cookie, is it right? I mean, one single name=value pair?

推荐答案

Netscape 的原始 cookie 规范(参见 这个缓存版本) 没有说明列出多个 cookie 声明.

The original cookie specification of Netscape (see this cached version) does not say anything about listing multiple cookie declarations.

但从 Set-Cookie 起，由 RFC 2109<定义/a> 允许以逗号分隔的 cookie 声明列表:

But as of Set-Cookie as defined by RFC 2109 allows a comma separated list of cookie declaration:

非正式地，Set-Cookie 响应头包含令牌 Set-Cookie:，后跟一个或多个 cookie 的逗号分隔列表.每个 cookie 以 NAME=VALUE 对开头，后跟零个或多个分号分隔的属性值对.

Informally, the Set-Cookie response header comprises the token Set-Cookie:, followed by a comma-separated list of one or more cookies. Each cookie begins with a NAME=VALUE pair, followed by zero or more semi-colon-separated attribute-value pairs.

这同样适用于 RFC 2965 定义的 Set-Cookie2:

The same applies to Set-Cookie2 as defined by RFC 2965:

非正式地，Set-Cookie2 响应头包含标记 Set-Cookie2:，后跟一个或多个 cookie 的逗号分隔列表.每个 cookie 以 NAME=VALUE 对开头，后跟零个或多个分号分隔的属性值对.

Informally, the Set-Cookie2 response header comprises the token Set-Cookie2:, followed by a comma-separated list of one or more cookies. Each cookie begins with a NAME=VALUE pair, followed by zero or more semi-colon-separated attribute-value pairs.

但是由于大多数用户代理仍然遵循 Netscape 的原始规范，我宁愿建议只用自己的 Set-Cookie 标头字段声明每个 cookie.

But since most user agents still follow Netscape’s original specification, I would rather suggest to just declare each cookie with its own Set-Cookie header field.

这也是最新的 RFC 6265 反映的内容:

This is also what the latest RFC 6265 reflects:

原始服务器不应该将多个 Set-Cookie 标头字段折叠成单个标题字段.折叠 HTTP 标头的常用机制字段(即，如 [RFC2616] 中定义的)可能会改变Set-Cookie 标头字段，因为使用了 %x2C(,")字符通过 Set-Cookie 与这种折叠冲突的方式.

Origin servers SHOULD NOT fold multiple Set-Cookie header fields into a single header field. The usual mechanism for folding HTTP headers fields (i.e., as defined in [RFC2616]) might change the semantics of the Set-Cookie header field because the %x2C (",") character is used by Set-Cookie in a way that conflicts with such folding.

这篇关于是否可以使用单个 Set-Cookie 设置多个 cookie?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！