Some problems need to be treated with a cookie, just read the Rhino book about the introduction of cookies, put together some notes.
A cookie is a small amount of data stored by a Web browser, and it is related to a specific Web page or site.
The cookie data is automatically transferred between the Web browser and the Web server, so the server-side script can read and write the cookie value stored on the client.
In JavaScript, cookies are used to save states and to provide a mechanism for the identification of web browsers.
However, using cookies in JavaScript does not take any encryption mechanism, so they are not secure. However, it is safe to transfer cookie data over HTTPS, but this is not related to the cookie itself, but to the https: protocol.
Cookie properties: Expiration and scope
In addition to the name and value, the cookie has some optional properties to control the validity and scope of the cookie.
The scope of a cookie is determined by the document source and document path. The scope is also configurable through the path and domain properties of the cookie.
However, it is worth noting that the path attribute of a cookie cannot be used as an access control mechanism.
The scope of a cookie is restricted by the document source by default. However, some large sites want to be able to share cookies between subdomains. This time, you need to set the cookie's Domain property to achieve the goal.
The domain of a cookie can only be set to the current server's domain.
The attribute of a cookie is secure, which is a Boolean property that indicates how the value of a cookie is passed through the network.
Cookies are passed by default in an unsecured form (via a normal, unsecured HTTP connection).
Once a cookie is identified as "safe," it can only be passed if the browser and server are connected via HTTPS or other security protocols.
Save cookies
Set a cookie value for the default validity period for the current document:
name = value;
Document.cookie = "Version =" + Encodeurlcomponent (document.lastmodified);
Since the value in the cookie's name/value is not allowed to include semicolons, commas, and whitespace characters, it is generally possible to encode a value using the JavaScript core global function encodeurlcomponent () before storage.
Accordingly, it is necessary to decode the value of the cookie by using decodeurlcomponent ().
To extend the validity period of a cookie, you need to set the Max-age property to specify the lifetime of the cookie (in seconds).
Name = Value;max-age = seconds;
A function is used to set a cookie, and an optional Max-age attribute is provided:
/** stored as a name/value cookie* and encoded with the encodeurlcomponent () function to escape the semicolon, comma, and white space characters * If daystolive is a number, Set the Max-age property to the value of the property to represent the cookie until the specified number of days. * It won't expire until it's over. If daystolive is 0 it means delete cookie*/function Setcookie (name,value,daystolive) { var cookie = name + "=" Encodeurlcomponent (value); if (typeof daystolive = = = "Number") cookie + = "; Max-age = "+ (daystolive*60*60*4); s document.cookie = cookie;}
If you want to set the path, domain, and secure properties of a cookie, simply append the cookie value to the following string before storing the cookie value:
;p ath = paht
;d omain = Domain
; secure
To change the value of a cookie, you need to use the same name, path, and domain, but the new value will reset the value of the cookie.
Similarly, setting the new Max-age property can change the validity period of the original cookie.
To delete a cookie, you need to use the same name, path, and domain, then specify an arbitrary (non-null) value, and specify the Max-age property as 0, and set the cookie again
Read cookies
When you use a JavaScript expression to read a cookie property, the value returned is a string that consists of a series of name/value pairs.
Different name/value pairs are separated by "semicolons and spaces", and their contents contain all cookies that act on the current document.
However, it does not contain other settings for cookie properties. The value of the cookie can be obtained through the Document.cookie property, but in order to better view the value of the cookie,
The split () method is typically used to separate the name/value pairs from the cookie value.
Defines a GetCookie () function that resolves the value of the Document.cookie property, stores the corresponding name/value pair in an object, and returns the object at the end of the function.
Parsing Document.cookie Property values
/** returns the value of Document.cookie as an object of name/value pairs * Assuming that the value of the stored cookie is encoded with the encodeurlcomponent () function */function GetCookie () { var cookie = {}; Initialize the last object to return var all = Document.cookie; Gets all the cookie values in an uppercase string if (all = = = "") { //If the cookie attribute value is an empty string return cookie; Returns an empty object } var list = All.split (";"); /separation of Fame/value pairs for (var i = 0;i<list.length;i++) { //traversal per cookie var cookie = List[i]; var p = cookie.indexof ("="); Find the first "=" sign var name = cookie.substring (o,p); Get the cookie name var value = cookie.substring (p+1); Gets the value that corresponds to the cookie, value = decodeurlcomponent (value);//Decodes it cookie[name] = value; Store the name/value pairs in the object } Retuen cookie;}
"Reading notes--cookie" JavaScript Definitive guide Sixth edition