当在IE7中有两个相同名称的cookie时该怎么办? [英] What to do when there are two cookies with the same name in IE7?
问题描述
一些背景:
CakePHP除了PHPSESSID之外还编写了自己的会话ID cookie。这用于验证请求。然后,一个SWFupload发送一个文件和该令牌进行身份验证,并作为一个新的用户代理 - 所以在cakephp必须禁用检查用户代理安全功能。
CakePHP writes it's own session id cookie besides the PHPSESSID. This is used to authenticate a request. Then an SWFupload sends a file, and that token to authenticate, and is picked up as a new user agent - so in cakephp you must disable the "check-user-agent" security feature.
在许多浏览器上,这是足够的。 IE7版本和SWF版本似乎没有这个bug的关联。在我们的情况下,IE7存储/发送同一个cookie的两个版本。所以第一个问题是为什么?如何?
On many browsers this is enough. IE7 version and SWF version seem to have no corelation to this bug. In our case IE7 was storing/sending two versions of the same cookie. So the first question is why? How?
进一步说明:
因为这些重复的Cookie存储在标题字符串的开头和结尾,PHP / Cake接收一端,如果它是一个重复,所以它选择一个,我在swfobject中设置和发送的手动cookie是另一个cookie。我可以想到几个黑客来解决这个问题 - 但真的我想知道这种情况如何可能出现在第一。
Because these duplicate cookies are stored at the beginning and end of the header string, PHP/Cake receives the one end if it's a dupe so it "chooses" one, and the manual cookie I set and send in swfobject is the other cookie. I can think of a few hacks to fix this - but really I'd like to know how this condition could arise in the first place.
CakePHP似乎不生成注销和登录时的唯一CakeSession ID,这可能是原因,解决方案可能是强制蛋糕使用PHPSESSID无处不在,或者可能只是确保swfupload发送正确的SESSID ...
CakePHP also seems to not generate unique CakeSession ids on logout and login, which might be the cause, and the solution could be to force cake to use PHPSESSID everywhere, or it may be just to make sure that swfupload sends the correct SESSID...
编辑一个:
CakePHP发送的Cookie的标题是:
Edit one: The headers for cookies sent by CakePHP are:
Set-Cookie: CAKEPHP=gqlpa88blmhmdsmv9e99ga16b3; expires=Thu, 13-Aug-2009 13:21:02 GMT; path=/
Set-Cookie: CAKEPHP=deleted; expires=Wed, 06-Aug-2008 13:21:01 GMT; path=/
Set-Cookie: CAKEPHP=ob5695trnspprlohiunrpqgkm0; expires=Thu, 13-Aug-2009 13:21:02 GMT; path=/
任何想法欢迎!
推荐答案
如果为不同的域或路径设置两个Cookie,则两个Cookie可能具有相同的名称。
Two cookies may have the same name if they were set for different domains or paths.
例如,如果您在www.example.com和example.com上设置了CookieID,则会发送两个ID Cookie对于www.example.com或anything.www.example.com的每个请求。
For instance, if you set a cookie "ID" on "www.example.com" and also on "example.com", then two ID cookies will be sent for every request for "www.example.com" or "anything.www.example.com".
为了防止出现这种情况,请务必始终为相同的域,如果您碰巧有多个域名同名到同一个服务器(例如www.example.com和example.com),则有一个重定向到另一个。
To prevent this, ensure that you're consistently setting cookies for the same domain, and if you happen to have multiple domain names aliased to the same server (e.g. www.example.com and example.com) then have one redirect to the other.
同样,不要使用不同的路径值设置相同名称的Cookie。
Similarly, don't set cookies of the same name with a different path value.
这篇关于当在IE7中有两个相同名称的cookie时该怎么办?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
