node. JS uses cookies

Source: Internet
Author: User

First, Cookie Introduction

Second, Cookie features

Third, the use of cookies

Four, encrypted cookies

Five. Application of Cookies

First, Cookie Introduction

  A cookie is a variable stored on a visitor's computer. Allows us to use the same browser to access the same domain

Name to share data

  HTTP is a stateless protocol. Simply put, when you browse a page and then go to another page of the same site

The server cannot recognize that this is the same browser that is accessing the same Web site. Every visit, was without any
of the relationship.

  Cookies are a simple to explode idea: when accessing a page, the server is in the downstream HTTP message,

The command browser stores a string; When the browser accesses the same domain, the string is carried to the upstream
The HTTP request. The first time a server is accessed, it is not possible to carry cookies. Must be the server to get this request,
In the downstream response header, the cookie information is carried, and every subsequent request made by the browser to this server will
Carry this cookie.

Ii. Characteristics of cookies

  Cookies are saved locally in the browser

The normal set of cookies is not encrypted, the user can freely see;
The user can delete the cookie or disable it
Cookies can be tampered with
Cookies can be used to attack
Cookies are stored in small amounts. The future is actually replaced by Localstorage, but the latter IE9 compatible

Third, the use of cookies

1, installing CNPM install Cookie-parser--save

2, the introduction of var Cookiepar = require ("Cookie-parser");

3, set up middleware

App.use (Cookieparser ());

4, set cookies

Res. CooKies (' name ', zhangsan,{max:9000000,httponly:true});

HttpOnly default false does not allow client script access

5, Get cookies

Property Description

  Domain: Domains

Name=value: Key-value pairs, you can set the Key/value to save, note that the name here cannot and other property entry names
The same
Expires: The expiration Time (in seconds) after which the Cookie is invalidated at a certain point in time, such as Expires=wednesday,
09-nov-99 23:12:40 GMT
MaxAge: Maximum failure Time (MS), setting after how many failures
Secure: When the secure value is true, the cookie is invalid in HTTP and is valid in HTTPS
Path: Represents the path that the cookie affects, such as path=/. If the path does not match, the browser does not send this Cookie
HttpOnly: It's Microsoft's expansion of cookies. If the "HttpOnly" attribute is set in the COOKIE, the program (JS
scripts, applets, etc.) will not be able to read cookie information to prevent XSS attacks from generating
Singed: Indicates whether the cookie is signed, set to True to sign the cookie, which requires
Res.signedcookies instead of res.cookies to access it. The tampered signature cookie is rejected by the server and the cookie
The value is reset to its original value

Set cookies

Res.cookie (' RememberMe ', ' 1 ', {maxage:900000, httponly:true})

Res.cookie (' name ', ' Tobi ', {domain: '. ', path: '/admin ', secure:true});

  Res.cookie (' RememberMe ', ' 1 ', {expires:new Date ( () + 900000), HttpOnly:


Get cookies

Delete Cookies

Res.cookie (' RememberMe ', ', {expires:new Date (0)});

Res.cookie (' username ', ' Zhangsan ', {domain: '. ', maxage:0,httponly:true}

node. JS uses cookies

Related Article

E-Commerce Solutions

Leverage the same tools powering the Alibaba Ecosystem

Learn more >

Apsara Conference 2019

The Rise of Data Intelligence, September 25th - 27th, Hangzhou, China

Learn more >

Alibaba Cloud Free Trial

Learn and experience the power of Alibaba Cloud with a free trial worth $300-1200 USD

Learn more >

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.