Chrome不会在损坏的https中为domain = localhost创建Cookie [英] Chrome doesn't create cookie for domain=localhost in broken https

问题描述

我在https上的我的本地主机上有应用程序。但是localhost上的认证被破坏了。

I have application on my localhost in https. But the certification on localhost is broken.

下面是响应头。问题：未创建MyCookie：

Below, response header. Problem: MyCookie is not created:

MyCookie=MyValue;Path=/;Domain=localhost;Secure; HttpOnly

但是对于此标题。创建cookie：

But for this header. The cookie is created:

MyCookie=MyValue;Path=/;Secure; HttpOnly

是否有任何Chrome政策禁止在标题中设置域的损坏的https页面创建Cookie？

Is there any Chrome politics which disallow create cookie for broken https page which set domain in the header?

推荐答案

localhost上的显式设置域cookie不适用于chrome。

Explicit setting domain cookie on localhost doesn't work for chrome.

从此：

您只能为注册表控制域设置域cookie，即
以.com结尾的内容，而不是IP。或内部网主机名，例如
localhost

You can only set domain cookies for registry controlled domains, i.e. something ending in .com or so, but not IPs or intranet hostnames like localhost

这篇关于Chrome不会在损坏的https中为domain = localhost创建Cookie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！