By default, all cookies of a website are stored on the client, and all cookies are sent to the server together with any requests of the website. In other words, every page on the website can obtain all cookies for the website. However, you can set the scope of cookies in two ways:
Limits the scope of cookies to the server directory, allowing you to restrict cookies to a website application. Program .
Set the scope of the domain to allow you to specify which subdomains in the domain can access cookies.
Restrict cookies to directories or applications
To restrict cookies to the directory on the server, set the path attribute of the cookie, as shown in the following example:
Httpcookie appcookie = new httpcookie ("appcookie ");
Appcookie. value = "written" + datetime. Now. tostring ();
Appcookie. expires = datetime. Now. adddays (1 );
Appcookie. Path = "/application1 ";
Response. Cookies. Add (appcookie );
Tip: You can also write cookies by directly adding them to the cookies set, as shown in the previous example.
The path can be either in the physical root directory of the website or in the virtual root directory. The result is that the cookie is only available for the page in the directory or virtual root application1. For example, if your website name is http://www.contoso.com/, the cookie created in the previous section will only be available to pages in the path http://www.contoso.com/Application1/ and all its subdirectories. However, this cookie is not available for pages in other applications, such as http://www.contoso.com/Application2/ or http://www.contoso.com.
Tip: The paths in Some browsers are sensitive to uppercase and lowercase letters. You cannot control how users enter URLs in their browsers, but if your applications depend on cookies to restrict specific paths, make sure that the URL in any hyperlink you create matches the case in the path property value.
Restrict the cookie domain range
By default, cookies are associated with specific domains. For example, if your website is http://www.contoso.com/, the cookies you write will be sent to the server when a user requests any page from the website. (Cookies with specific path values may not be included .) If your website also has subdomains (such as contoso.com, sales.contoso.com, and support.contoso.com), you can associate specific subdomains with cookies. To do this, set the domain attribute of the cookie, as shown in the instance:
Response. Cookies ["Domain"]. value = datetime. Now. tostring ();
Response. Cookies ["Domain"]. expires = datetime. Now. adddays (1 );
Response. Cookies ["Domain"]. Domain = "support.contoso.com ";
After the domain is set as follows, the cookie will only be available for pages in a specific domain. You can also use the domain attribute to create a cookie that can be shared among multiple subdomains, as shown in the following example:
Response. Cookies ["Domain"]. value = datetime. Now. tostring ();
Response. Cookies ["Domain"]. expires = datetime. Now. adddays (1 );
Response. Cookies ["Domain"]. Domain = "contoso.com ";
At this time, the cookie will be available to the primary domain like the sales.contoso.com and support.contoso.com domains.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
