Php Framework-some php blog frameworks add a static random character to each cookie name. why?

Source: Internet
Author: User
Tags cookie names set cookie
For example, the cookie name 5xHK8D3fgc_user_info5xHK8D3fgc_comment_author5xHK8D3fgc_comment_email. why? For example, these cookie names:
5xHK8D3fgc_user_info
5xHK8D3fgc_comment_author
5xHK8D3fgc_comment_email

Why?

Reply content:

For example, these cookie names:
5xHK8D3fgc_user_info
5xHK8D3fgc_comment_author
5xHK8D3fgc_comment_email

Why?

Imagine a scenario like this:

You purchase a virtual host VPS and deploy a set of blog programs. suddenly, your girlfriend tells you that you want one, and you deploy one.
However, you only have one domain name. if you are smart, you can use subdomain names to distinguish them. OK! So you soon completed this need.

However, after you find that you have logged on to your girlfriend, the login status under your domain name is lost. what do you think is wrong?
As a result, I finally found out in the http packet capture tool that "when I access my blog, I actually transmitted the cookie information from my girlfriend ". They use the same cookie name.cookie.domainBoth.xxx.com

In fact, the role of cookie prefix also lies in this, and this is also the reason why many backend users need to set cookie. domain. A random prefix can prevent this situation.

This is actually called cookie prefix. the cookie prefix can be customized.

In fact, there are many bad habits of phper in the past, so the subject does not need to think too much.

I don't quite understand cookies.
Let's talk about the session prefix.
On the same server, if you run multiple websites and the session directory is the same
For example, if is_login = true is defined in a web project
The other web is not logged in, but it may also be obtained as login
However, if the prefix is used
Websiteis_login of web1
Web2_is_login of web2 will not be affected.

Cookie prefix, just like the database table prefix.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.