IE7中有两个同名cookie怎么办? [英] What to do when there are two cookies with the same name in IE7?
问题描述
一些背景:
CakePHP 除了 PHPSESSID 之外,还写入了它自己的会话 ID cookie.这用于验证请求.然后 SWFupload 发送一个文件,该令牌进行身份验证,并作为新的用户代理被选取 - 因此在 cakephp 中,您必须禁用检查用户代理"安全功能.
CakePHP writes it's own session id cookie besides the PHPSESSID. This is used to authenticate a request. Then an SWFupload sends a file, and that token to authenticate, and is picked up as a new user agent - so in cakephp you must disable the "check-user-agent" security feature.
在许多浏览器上这已经足够了.IE7 版本和 SWF 版本似乎与此错误无关.在我们的例子中,IE7 正在存储/发送同一个 cookie 的两个版本.那么第一个问题是为什么?怎么样?
On many browsers this is enough. IE7 version and SWF version seem to have no corelation to this bug. In our case IE7 was storing/sending two versions of the same cookie. So the first question is why? How?
进一步说明:
因为这些重复的 cookie 存储在头字符串的开头和结尾,PHP/Cake 接收一个端如果它是一个欺骗所以它选择"一个,而我在 swfobject 中设置和发送的手动 cookie 是另一个曲奇饼.我可以想到一些技巧来解决这个问题 - 但我真的很想知道这种情况最初是如何出现的.
Because these duplicate cookies are stored at the beginning and end of the header string, PHP/Cake receives the one end if it's a dupe so it "chooses" one, and the manual cookie I set and send in swfobject is the other cookie. I can think of a few hacks to fix this - but really I'd like to know how this condition could arise in the first place.
CakePHP 似乎也没有在注销和登录时生成唯一的 CakeSession id,这可能是原因,解决方案可能是强制 cake 在任何地方使用 PHPSESSID,或者可能只是为了确保 swfupload 发送正确的 SESSID...
CakePHP also seems to not generate unique CakeSession ids on logout and login, which might be the cause, and the solution could be to force cake to use PHPSESSID everywhere, or it may be just to make sure that swfupload sends the correct SESSID...
编辑一:CakePHP 发送的 cookie 的标头是:
Edit one: The headers for cookies sent by CakePHP are:
Set-Cookie: CAKEPHP=gqlpa88blmhmdsmv9e99ga16b3; expires=Thu, 13-Aug-2009 13:21:02 GMT; path=/
Set-Cookie: CAKEPHP=deleted; expires=Wed, 06-Aug-2008 13:21:01 GMT; path=/
Set-Cookie: CAKEPHP=ob5695trnspprlohiunrpqgkm0; expires=Thu, 13-Aug-2009 13:21:02 GMT; path=/
欢迎提出任何想法!
推荐答案
如果为不同的域或路径设置了两个 cookie,则它们可能具有相同的名称.
Two cookies may have the same name if they were set for different domains or paths.
例如,如果您在www.example.com"和example.com"上设置了一个 cookieID",那么每个对www.example.com"的请求都会发送两个 ID cookie,或者anything.www.example.com".
For instance, if you set a cookie "ID" on "www.example.com" and also on "example.com", then two ID cookies will be sent for every request for "www.example.com" or "anything.www.example.com".
为防止这种情况发生,请确保您始终为同一个域设置 cookie,如果您碰巧有多个域名别名到同一服务器(例如 www.example.com 和 example.com),则进行一次重定向到另一个.
To prevent this, ensure that you're consistently setting cookies for the same domain, and if you happen to have multiple domain names aliased to the same server (e.g. www.example.com and example.com) then have one redirect to the other.
同样,不要将同名的 cookie 设置为不同的路径值.
Similarly, don't set cookies of the same name with a different path value.
这篇关于IE7中有两个同名cookie怎么办?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
