为什么没有`Set-Cookie`头响应？ [英] Why no `Set-Cookie` headers in response?

问题描述

我发现有时浏览器无法从我的网站获取Cookie，因此我使用 curl 来检查标题，信息是：

I found sometimes browser can't get cookies from my website, so I use curl to check the headers, and the information is:

C:\Documents and Settings\jack>curl http://localhost -I
HTTP/1.1 200 OK
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: SCALAEYE_SESSION="a57cf8ebdfc379da91ad17d1d1eac706c25ae4c3-%3Citems%3E%3C%2Fitems%3E";Path=/
Set-Cookie: SCALAEYE_FLASH="%3Citems%3E%3C%2Fitems%3E";Path=/
Content-Length: 121665
Server: Jetty(6.1.26)

但是当我使用浏览器 IE6 和 Firefox 访问，标题是：

But when I use browsers IE6 and Firefox to visit, the headers are:

Response Headersview source
Date    Fri, 08 Apr 2011 08:48:09 GMT
Transfer-Encoding   chunked
Server  Jetty(6.1.26)

你可以看到没有 Set-Cookie 头，这会造成问题。我的服务器是 Jetty 6.1.26 。为什么他们是不同的答复？哪里错了？

You can see there is no Set-Cookie header, which makes problems. My server is Jetty 6.1.26. Why they are different responses? Where is wrong? And how to fix it?

推荐答案

这可能是因为cookie已经设置，因此 Set -Cookie 不会包含在响应标头中。

It could be that the cookie was already set and thus the Set-Cookie will not be included on the Response header.

查看请求标题的样式：

使用 Wireshark 进行网络嗅探。另一个伟大的工具是 FireBug 插件：它允许您检查，设置和删除Cookie。

You can do this with network sniffing using Wireshark. Another great tool for this is the FireBug plugin: It allows you to check, set and delete cookies.

最后一点是你的服务器控制 Set-Cookie 头：如果浏览器不提供 Cookie 头，服务器可以决定发送 Set-Cookie 。然后你的浏览器决定通过发送一个 Cookie 头来使服务器接受。如果您在浏览器上禁用Cookie，则不会将Cookie标头发送回服务器。

The final point is that your server controls the Set-Cookie header: If the browser does not provide the Cookie header, the server can decide to send a Set-Cookie. Then your browser decides to accept the by sending back a Cookie header for the server to use. If you have cookies disabled on the browser, it will not send back the Cookie header to the server.

这篇关于为什么没有`Set-Cookie`头响应？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！