Cookies for different subdirectories of the same site to set path

Cookies for different subdirectories of the same site set path to access each other. See:

Cookie Path

Http://www.cnblogs.com/ainiaa/archive/2011/11/18/2253841.html

The previous use of cookies did not concern you with path. This time the company mall realized the static function, more than 2 levels of directory. caused me on the Product Details page set up a cookie (path for/good/Product ID/) in the Shop homepage unexpectedly visit (Shop home path for '/store/'). The name of the cookie is consistent. The only difference is path. When setting a cookie on the Product Details page, path is set to '/' so that it can be properly set up in the store home page.

Using the keyword javascript cookie path also searched, the original 10 years IE has been a cookie path of a bug (original address: http://conkeyn.iteye.com/blog/423549).

An advertising project in hand, successfully tested and passed under Firefox. Self-confidence JS code can be compatible with IE,FF test after a while still give CS test, results CS Feedback said there is a problem. Troubleshoot and find the path associated with JavaScript when setting a Cookie. The cookie under IE is normal at the path where the URL is located, and if the cookie value scope is under the current URL, JavaScript cannot get the cookie value set.

Look at the following demo code:

2. var cookie_name = "name";
4. var cookie_value = "value";
6. expires = new Date ();
8. Expires.settime (Expires.gettime () + 86400 * 1000);
12. There is a bug Document.cookie not unique Cookie_name value
14. Document.cookie = Cookie_name + "=" + encodeURIComponent (cookie_value)
16. + "; Expires= "+ expires.togmtstring () + "; Path= "
18. + Window.location.pathname;
20. Normal
22. Document.cookie = Cookie_name + "=" + encodeURIComponent (cookie_value)
24. + "; Expires= "+ expires.togmtstring () + ";  path=/test/";
26. Normal
28. Document.cookie = "cookie_name=" + encodeuricomponent (cookie_value)
30. + "; Expires= "+ expires.togmtstring () + ";  path=/";

The suspect is IE bug,
Search the following keywords on google: ie javascript cookie path bug
The same problem is also described in the blog on Crime and punishment, and bloggers have contacted Eric IEBlog of Microsoft. The replies received are:

You have the uncovered an IE bug where the cookie that is set with a path that contains a filename (e.g./page.htm) is not acce Ssible to the Document.cookie function, although they is correctly sent to the server in the HTTP header. This have been broken for at least years and unfortunately probably won't is fixed in IE8.

Thanks,

-eric

A bug that existed for 10 years ... And IE8 will not repair, it is no language.

The requirement is that the cookie value is only valid for the current page, and there is no way to use the alternative to see the code:

2. IE Cookie Bug Replacement scheme
4. var cookie_path = Window.location.pathname;
6. var cookie_name = encodeURIComponent (cookie_path.substring (Cookie_path
8. . LastIndexOf ('/') + 1));
10. Cookie_path = cookie_path.substring (0, Cookie_path.lastindexof ('/') + 1);
12. var cookie_value = "value";
14. expires = new Date ();
16. Expires.settime (Expires.gettime () + 86400 * 1000);
20. Document.cookie = Cookie_name + "=" + encodeURIComponent (cookie_value)
22. + "; Expires= "+ expires.togmtstring () + ";  Path= "+ Cookie_path;

The alternative is to make a cookie name based on the URL file name of each page, valid within the current page path.
such as: URL equals/test/test.html
The cookie is named test.html and the valid path is/test/
This can also be done with the same JS deployment on each page can read to the current URL only valid cookie value. The price is that when users access many pages in the same level directory, the cookie value increases. As a result, each HTTP request under the current path has a long cookie, which directly causes the server to receive the header length of the client request, and the server burden increases as the traffic grows. And according to the definition of RFC 2109 cookie also has the length and number of limits, ie the maximum allowable cookie length is 4096 bytes, allow 50 cookie name-value pairs. If you want to break the limit of 50 name-value pairs, you can save more cookie variables in a single name-value using a cookie dictionary.

Http://blog.seateng.cn/archives/2009/03/ie-javascript-cookie-path-bug.html

This time the static function let me learn the question of the cookie. It's a pleasure.

This static feature also involves a cross-domain request issue. The thing is this:

I need to display the current user's product browsing history in the search module (domain name search.emall.xxx.xxx). The browsing history of the two products is stored in the main station's cookie. In order to facilitate our cookie_domain are set to the same domain name, the use of JS cookie does not get a set of cookies. However, using Firebug + Firecookie It is clear to see that the cookie is present and not expired. The only difference is that the domain of the cookie is identical to the domain of the current module (the cookie is a emall.xxx.xxx set on the master, and the current search has a domain name of search.emall.xxx.xxx). It's easy to think of a problem with cookie domain. The cause of the problem has been found and solved it. Use JS No, I just use AJAX to request the main station, the main station, the cookie is removed, and then returned as is. Encode, run, reverse, Ajax request is still not available (send request using GET). The address of the AJAX request is placed in the address bar, and there is content to return, but the value of the cookie cannot be obtained with AJAX requests. Obviously, this is the case with the legendary cross-domain request. We haven't solved the problem. Suddenly remembered, the module under the user login information is asynchronously taken out by Ajax. At the same time Ajax request why the user's login information can get my why can't get it???

Find out why. Find the code to request the user information, only to find that the original request and my Ajax is a little different. User information is requested in the following ways:

The JS code is as follows:

    Get Data across domains
     Jquery.ajax ({
        Type: "GET",
        url:temp_domain_url+ "/index.php?",
        Data   : "act=get_user_info&php_session_id=" +jquery.cookie (' cookie_id ') + "&jsoncallback=?",
        DataType: "Jsonp",
        JSONNP: ' Callback ',
        Success:function (data) {
...
...
...
}
});

The PHP code is as follows:

function Get_user_info ()
{
    $GBH _goods_info = $_cookie[' Gbh_goods_info ')? $_cookie[' Gbh_goods_info ': Json_encode (false);
        
        {//There will be an error without this
             $GBH _goods_info = stripslashes ($GBH _goods_info);
        }
        $GBH _goods_info = Json_decode ($GBH _goods_info);
        Echo $_get[' callback ']. " ({msg: ". Json_encode ($GBH _goods_info)."}); ";
        Exit
    }

That's why it's so clear.

According to the gourd painting scoop finally function realized ....