How to make a cookie available to all paths in a domain?

2018-06-15 19:59:31

I created a cookie in a java filter and added back to the response

response.addCookie()

before returning to the client node.js application. This web application is accessed using a localhost URL in the browser. After reading about cookie domain issue while using 'localhost', i did not set any domain or path in the cookie, while creating it.

Now the Chrome or Firefox browsers don't show-up the cookie in the browser. All my URLs are http://localhost but, each page having different path.

Step 1: During a request to http://localhost/app/login cookie is created and set in the response
Step 2: When the page loads after response, no cookies are shown in Chrome
Step 3: During the next request http://localhost/app/customer the previously created cookie is not recieved when trying request.getCookies().
Step 4: Before returning back to client application, a cookie is created
Step 5: Now the cookie created in Step 4 is shown in Chrome
Step 6: The next request is also sent to http://localhost/app/customer , now the cookie created in step 4 is recieved in the server as well

If cookie creation for localhost is an issue, how does it work for Steps 4-6 only ?

How can i make the created cookie available to all paths under the localhost domain ? I tried using cookie.addPath("/") but, no change.

Note : Due to admin privilege issues in my development machine, i am not able to set-up a domain name to my localhost IP in etc/hosts file.

Not sure path is the issue. Path does not affect whether a cookie is created; it only determines whether it is presented. If cookies aren't showing up in the browser's cookie jar they are being rejected for some reason other than path.

Chrome will not accept cookies for localhost because it does not accept cookies in the top level domain. The domain in the URL has to have a dot in it somewhere. So you could either add a hosts entry (recommended) or just trying using 127.0.0.1 instead of localhost.

Also, none of this will work if the cookie is marked as secure or is being set with a domain attribute. If either of those is the case, you MUST use a hosts entry instead of localhost or 127.0.0.1.

In your Java server, you should call cookie.setPath("/") before adding it to response.

Such cookie will match all request URIs. It's a pity that it is not the default behavior.

I have a more detailed explanation of cookie path here - http://bayou.io/release/0.9/javadoc/bayou/http/Cookie.html#path

链接地址: http://www.djcxy.com/p/44900.html

上一篇: C SCNetworkReachabilityContext ARC转换

下一篇: 如何使Cookie可用于域中的所有路径？