如果一个Web浏览器中删除所有`会议'退出(到期= 0)饼干? [英] Should a web browser delete all `session' (expiry = 0) cookies on exit?
问题描述
一切我读到饼干说,一个cookie的到期时间设置为零,应该让一个'会议'的cookie,该浏览器会再退出后删除。
Everything I read about cookies says that setting the expiry time of a cookie to zero should make it a `session' cookie, which the browser will then delete upon exit.
http://www.cookiecentral.com/faq/ 说:
...一般一个会话的时间长度,浏览器是开放的......
"...generally a session is the length of time that the browser is open for..."
http://php.net/manual/en/function.setcookie.php 说:
如果设置为0,或省略,cookie将在会议上(在浏览器关闭)结束时到期。
"If set to 0, or omitted, the cookie will expire at the end of the session (when the browser closes)."
然而,一些实验中的火狐(3.0.8)显示:
However, some experimenting in Firefox (3.0.8) shows that:
- 设置为会话cookie的和的安全退出时被删除
- 的cookies设置为会话只能做的不可以退出时被删除
- cookies set as session and secure get deleted on exit
- cookies set as session only do not get deleted on exit
歌剧(9.64)的行为与我所期望的,在退出时删除会话cookie是否设置为安全与否。
Opera (9.64) behaves as I would expect, deleting the session cookies upon exit whether set as secure or not.
我希望能够靠这个在基于web的应用程序我的工作(有一个安全cookie和不安全的cookie为已登录的标志,并让他们一起到期,无论是与实时或者为0,一个会话),但似乎即使是在标准的浏览器,然后是不够一致依靠它:/
I wanted to be able to rely on this in a web-app I'm working on (having a secure cookie and an insecure cookie as a "logged-in" flag and having them expire together, either with a real time or 0 for a session), but it seems that even if it's in the standard then browsers are not consistent enough to rely on it :/
这是在浏览器中的一个bug,预期的行为,和/或没有真正在标准中定义?会话cookie的实际寿命
Is this a bug in the browser, expected behaviour, and/or is the actual lifetime of session cookies not really defined in the standard?
推荐答案
您永远不应该依赖于客户端功能。
您正从事该功能通常是实现存储会话ID的客户端和真实的用户信息服务器端(它的ID,他无论是登录还是不行,他的个人信息,等等)。
The feature you're working on is usually implemented storing the session ID client-side and the real user info server-side (its ID, whether he's logged in or not, his personal info, etc).
另外值得一饼干承担每个请求被发送,所以越少,你在cookie存储,就更好了。
Also bear in mind cookies get sent in every request, so the less you store in a cookie, the better.
这篇关于如果一个Web浏览器中删除所有`会议'退出(到期= 0)饼干?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
