问题
I have an application which allows user to log in and add items to basket, however if user has cookies turned off, this functionality would no longer work. I've checked facebook and it turns out even they need cookies enabled to function.
So my question is is it even possible to handle regular login/add to cart functionality without cookies?
回答1:
This is not only Laravel specific. Check http://php.net/manual/en/session.configuration.php (specifically session.use_cookies and session.use_only_cookies) to see how you can enable the use of a _GET parameter instead.
As always, the documentation warns you that stealing a SESSION gets easy when you pass the ID via _GET.
But PHP should be automatically rewriting your URLs once you enable them, so no extra work required on your end, but I would personally keep the sessions restricted to a single IP and User-Agent - should make it hard for attackers.
回答2:
I can see Laravel tag in your question, so I'm giving you a link to all possible ways of using sessions in Laravel:
https://laravel.com/docs/5.1/session
来源:https://stackoverflow.com/questions/36033060/laravel-sessions-without-cookies