Path path. Specify the WEB page associated with the cookie.
The value can be a directory or a path.
If //www.VeVB.COm/test/index.html creates a cookie, then all pages in the //www.VeVB.COm/test/ directory and pages in any subdirectories under this directory can be accessed this cookie.
This means that any page in //www.VeVB.COm/test/test2/test3 can access the cookie created by //www.VeVB.COm/test/index.html.
However, what should we do if //www.VeVB.COm/test/ needs to access the cookies set by //www.VeVB.COm/test/index.html?
At this time, we need to set the path attribute of cookies to "/". When specifying a path, all WEB pages that come from the same server and have the same path in the URL can share cookies.
Domain domain. Specify the associated WEB server or domain.
The value is the domain name, such as www.VeVB.COm. This is an extension of the path attribute. What if we want www.VeVB.COm to be able to access the cookies set by bbs.china.com? We can set the domain attribute to "china.com" and the path attribute to "/".
Secure. Specifies how cookie values are passed between the user and the WEB server over the network.
The value of this attribute is either "secure" or empty. By default, this attribute is empty, which means an insecure HTTP connection is used to transfer data. If a cookie is marked as secure, then data is transferred between it and the WEB server through HTTPS or other secure protocols. However, setting the secure attribute does not mean that others cannot see the cookies saved locally on your machine. In other words, setting the cookie to secure only ensures that the data transmission process between the cookie and the WEB server is encrypted, and the cookie file stored locally is not encrypted. If you want local cookies to be encrypted, you have to encrypt the data yourself.
Expires Expiration time. Refers to the cookie's lifetime, specifically the expiration date.
You must use this attribute if you want the cookie to last longer than the current browser session. When the expiration date has passed, the browser automatically deletes the cookie file.