Cookie cross-domain operation seems to be a simple problem, because you only need to specify the Domain attribute as the root domain name of the specified website. However, the author encountered some problems during actual use, which are indeed worth noting.
Environment introduction
Cookie in www main domain name Create it under and write the Domain attribute, such as: (For the convenience of debugging, the following codes are all asp codes)
Write.asp
program code
<%
Response.Cookies(CookieName)("UserName") = "SunBird"
Response.Cookies(CookieName)("Password") = "xyz1234"
Response.Cookies(CookieName).Domain = "xxxx.com"
%>
Read.asp
for reading cookies is placed in the same directory.
program code
<%
Response.Write Request.Cookies(CookieName)("UserName")
Response.Write Request.Cookies(CookieName)("Password")
%>
Then put a Read.asp document into another subdomain site, with the same code as above. Finally, we make another Clear.asp to clear cookies and place it under the main domain name
Clear.asp
program code
<%
Response.Cookies(CookieName)("UserName") = ""
Response.Cookies(CookieName)("Password") = ""
Response.Cookies(CookieName).Domain = "xxxx.com"
%>
Now you can test it through the following execution sequence, Write.asp-->Read.asp of the main domain name-->Read.asp of the subdomain name. Any Read.asp page can read the value of the cookie created by Write.asp. Then run Clear.asp to clear it, everything is OK, http://bizhi.downcodes.com/ seems to have no problem.
But there are problems when applying this method to actual sites.
Problem description:
Everything is ok when logging in for the first time. Any subdomain name can access the cookies stored in the main domain name. However, once you log out, the cookies of the subdomain name are cleared, but the cookies of the main domain name are still retained. The main domain name is forcibly cleared. After setting the cookie, no matter how you log in to the main domain name, the cookie cannot be saved unless you close the browser and reopen it.
After many attempts, I accidentally discovered the problem. The following is the test process.
Create a Write2.asp page and place it under the main domain name
program code
<%
Response.Cookies(CookieName)("TEST_COOKIE") = "TEST_COOKIE"
%>
Step 1: After closing the browser, execute in the following order: Write.asp-->Read.asp of the main domain name-->Read.asp of the sub-domain name. Any Read.asp here reads normally.
Step 2: Clear.asp-->Read.asp of the main domain name-->Read.asp of the subdomain name The clearing operation is successful here.
Step 3: Write.asp --> Write2.asp --> Main domain name Read.asp --> Subdomain name Read.asp At this point, both Read.asp can read the cookie value.
Step 4: Re-execute step 2 and find that the main domain name Read.asp still outputs the value, while the value of Read.asp under the subdomain name has been cleared.
Based on the above test, we summarize the following points that you need to pay attention to when using cookies across domains:
1. When you have a Cookie group (or Cookie dictionary) and use the Domain attribute to specify the domain name, when you modify or add new members to the group When adding, be sure to add the Resonse.Cookies(CookieName).Domain attribute after the operation.
2. If it is not necessary, please do not modify the cookie group of the configured domain. Directly use Response.Cookies("CookieText") = CookieValue to create a new cookie.