How the cookie is saved to the client and how it is sent to the server

Cookie-related HTTP headers

There are two HTTP headers and cookies about: Set-cookie and cookies. Set-cookie is sent by the server, which is included in the header of the response request. It is used to create a cookie cookie header on the client that is sent by the client and is included in the header of the HTTP request. Note that only the domain and path of the cookie match the requested URL to send this cookie. Set-cookie HeaderThe format of the     Set-cookie response header is as follows:         Set-cookie: <name>=<value>[; <name >=<value>]...                    [; expires=<date>][; Dom ain=<domain_name>]                    [; path=<some_path>][ ; secure][httponly]     EXPIRES=&LT;DATE&GT;: Sets the period of validity of the cookie, which expires if the cookie exceeds the date indicated by date.                     If this option is not set, the cookie will expire when the browser is closed.                     NOTE: date is Greenwich mean GMT (GMT),:      &N using the following format Bsp                 Day, DD MMM YYYY HH:MM:SS gmt         &NB Sp               day                            The day of the week (Sun, MoN, Tue, Wed, Thu, Fri, Sat) .                        dd  & nbsp                         The day in the month (such as-t He first day of the month) .                        mmm  & nbsp                         The three-letter abbreviation for the Month (Jan, Feb, Mar, APR, May, June, Jul, . , Sep, Oct, Nov, Dec)                       yyyy                        &NBSP ;   The year.                        hh                            The hour value in military time (would is 10:00AM-p.m.., for example) .                        mm                            the minute value.                        ss                            The second value.     domain=<domain_name>:     PA th=<some_path>:                    NOTE: temporary cookies (cookies without expires parameters) ) cannot be with the domain option.                     When a client sends an HTTP request, a valid cookie is sent to the server together.                     This cookie is valid if the domain and path parameters of a cookie match the URL.

A URL contains domain and path, you can refer to the http://www.w3school.com.cn/html/html_url.asp

Secure: Indicates that the cookie can only be sent to the HTTP server. HttpOnly: Indicates that the cookie cannot be obtained by client script.

generating expires in a program

c the Waytime_t curtime = time (NULL);         TM * gmtime = gmtime (&curtime);        Char strexperis[50]; Strftime (Strtimebuf, +, "%a,%d%b%Y%x GMT;", gmtime); the way of JavaScriptvar d = new Date (); var expires = d.togmtstring ();

InternetSetCookie in Windows

In Windows we can use InternetSetCookie to set cookies, and if A and B two processes use cookie communication, there are several things:

> A writes global cookie,b to write a session cookie, at which point a cannot obtain a cookie

> A Write session cookie,b write session cookie, at which point A and B cookies do not affect each other

> A Write session cookie,b write global cookie, at which time a cookie is overwritten by a global cookie that shares a global cookie

Note: The consequences of this situation, if there is any process to write the session cookie, then other processes will not get the cookie

Summarize

The life cycle of a cookie:

1, the creation of the cookie: the service side through the Set-cookie HTTP header requires the client to create, and give its specified life length

2, the use of cookies: the client each request will be based on path, domain through the cookie HTTP header to send cookie information to the server.

How the cookie is saved to the client and how it is sent to the server