cookies

问题 I'm creating an extension for the Firefox browser. I would like to read a cookie which was set by an HTML page using JavaScript in the XUL file. Is it possible? I tried using document.cookie , but it doesn't work: function readCookie(name) { var ca = document.cookie.split(';'); var nameEQ = name + "="; for(var i=0; i < ca.length; i++) { var c = ca[i]; while (c.charAt(0)==' ') c = c.substring(1, c.length); //delete spaces if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length, c.length);

问题 I'm creating an extension for the Firefox browser. I would like to read a cookie which was set by an HTML page using JavaScript in the XUL file. Is it possible? I tried using document.cookie , but it doesn't work: function readCookie(name) { var ca = document.cookie.split(';'); var nameEQ = name + "="; for(var i=0; i < ca.length; i++) { var c = ca[i]; while (c.charAt(0)==' ') c = c.substring(1, c.length); //delete spaces if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length, c.length);

问题 Some browsers (Firefox, Chrome) by design doesn't clean session cookies when you close them, if you set some kind of remember me switch (for example in FF go to Options->General->When Firefox starts->Show my windows and tabs from last time). It is a problem for our client (government agency...) while I do have absolute control over http server, I have no control over browser settings. The scenario is - they're used to share computer accounts, however they shouldn't be able to share web

问题 Some browsers (Firefox, Chrome) by design doesn't clean session cookies when you close them, if you set some kind of remember me switch (for example in FF go to Options->General->When Firefox starts->Show my windows and tabs from last time). It is a problem for our client (government agency...) while I do have absolute control over http server, I have no control over browser settings. The scenario is - they're used to share computer accounts, however they shouldn't be able to share web

问题 During the time I've spent taking breaks from learning how PHP supports Unicode I've been delving into making my "Remember Me" cookies a bit more secure. However there are a few things I don't understand and a few of my own musings I'd like some suggestions and opinions on. 1) Is there any method to adopting a "Remember Me" feature that doesn't involve cookies? Curious since there are obvious security flaws in storing authentication cookies. Not that there aren't security risks in just about

问题 With PHPUnit it's quite easy to test raw PHP code, but what about code that heavily relies on cookies? Sessions could be a good example. Is there a method that doesn't require me to setup $_COOKIE with data during my test? It feels like a hacky way of doing things. 回答1: This is a common problem with code, especially lagacy PHP code. The common technique used is to further abstract the COOKIE/SESSION variables in related objects and using inversion of control technique(s) to pull those

问题 Do you have some information regarding browsers that implement/plan to implement this part of the HTTP 1.1 specification? Additionally, what frameworks have already implemented this feature. I've done my Google research but I'd like to know if there's something else. Also, do/would you use it? Do you find it better than the Cookie/Set-Cookie implementation? 回答1: Update : the Cookie2 specification never caught on, and RFC 6265 now declares it obsolete, making this question moot - though it's

问题 My current document URL is http: //127.0.0.1/foo and I need to change the value of a cookie for http: //127.0.0.1/bar. document.cookie is empty because document's URL is foo. For the moment, I just want to read the cookie value. Any clue? 回答1: When you create the cookie, if you set the path to '/' instead of 'foo' you will be able to read it anywhere on the domain, including '/foo', '/bar', etc. 回答2: You can create an <iframe> pointed at a resource inside /bar , and cross-frame-script into it

问题 I have a Rails service returning data for my AngularJS frontend application. The service is configured to allow CORS requests by returning the adequate headers. When I make a GET request to receive data, the CORS headers are sent, as well as the session cookie that I have previously received on login, you can see for yourself: Request URL:http://10.211.194.121:3000/valoradores Request Method:GET Status Code:200 OK Request Headers Accept:application/json, text/plain, */* Accept-Encoding:gzip

问题 We have an ASP.NET MVC 5 app using Owin cookie authentication. Currently, we set up cookie authentication as follows: public partial class Startup { public void ConfigureAuth(IAppBuilder app) { var timeoutInMinutes = int.Parse(ConfigurationManager.AppSettings["cookie.timeout-minutes"]); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, AuthenticationMode = AuthenticationMode.Active, LoginPath = new PathString("/"),