why doesn't cfcookie allow setting domain= to a subdomain for CFID/CFTOKEN?

问题

<cfcookie name="CFID" value="#session.cfid#" domain=".demo.labs.dev">

yields:

Set-Cookie: CFID=4215; Domain=.labs.dev; Expires=Sat, 04-Jul-2043 01:43:49 GMT; Path=/; HttpOnly

But if I use <cfheader> directly:

<cfheader name="Set-Cookie"
      value="CFID=4212; Domain=.demo.labs.dev; Expires=Sat, 04-Jul-2043 01:37:03 GMT; Path=/; HttpOnly">

yields:

Set-Cookie: CFID=4212; Domain=.demo.labs.dev; Expires=Sat, 04-Jul-2043 01:37:03 GMT; Path=/; HttpOnly

And that's really what I want.

Why does <cfcookie> behave this way? Current workaround would be using <cfheader> instead.

回答1:

Have you reproduced this error with a leading . in the domain value? According to CF8, CF9 and CF10 docs, the domain attribute value Must start with a period..

回答2:

Apparently it is now fixed...

https://bugbase.adobe.com/index.cfm?event=bug&id=3593673

来源：https://stackoverflow.com/questions/17583768/why-doesnt-cfcookie-allow-setting-domain-to-a-subdomain-for-cfid-cftoken

标签

coldfusion

cfcookie

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!