Cookie、HTTP GET 和查询字符串
美国纽约南区地方法院在 Doubleclick Inc. 案中指出:
“GET 信息作为网站地址或“URL”的一部分提交,即所谓的“查询字符串”。例如,对假设的在线唱片店选择 Bon Jovi 专辑的请求可能会这样:http://recordstore. 以“?”开头,这意味着 cookie 会记录用户请求的有关 Bon Jovi 的信息。
hyperthetical.com/search?terms=bonjovi。 URL查询字符串 ?”会让cookie记录用户请求的信息?如果是这样,什么RFC/标准包含这个?
编辑:我知道美国地方法院没有定义标准,但我想有一些具体的东西来说明它们是不正确。
The United States District Court for the Southern District of New York in re Doubleclick Inc. stated:
"GET information is submitted as part of a Web site's address or "URL," in what is known as a "query string." For example, a request for a hypothetical online record store's selection of Bon Jovi albums might read: http://recordstore.hypothetical.com/search?terms=bonjovi. The URL query string begins with the "?" character meaning the cookie would record that the user requested information about Bon Jovi.
Is it true that a URL query string with a "?" would have the cookie record the user requested information? If so, what RFC/standard includes this?
Edit: I understand the United States District Court doesn't define standards, but I would like to have something concrete to note that they were incorrect.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
如果您阅读了整个文档,你会注意到他们说
它们描述的是 DoubleClick 使用的流程,而不是互联网标准。
您(以及任何其他人,包括 DoubleClick)可以获取您可用的信息(包括可能作为 GET 的一部分发送的信息)提交)并将其存储在 cookie 中。
您应该解释有问题的句子(在上下文< /a>),如下所示:
支持的结论:
DoubleClick 从 URL 查询字符串(这是 URL 中以“? ”开头的部分)获取信息。 ") 并使用 cookie 来记录用户请求的信息。
不支持的结论:
带有“?”的 URL 查询字符串 会让cookie记录用户请求的信息。 有一些 RFC 描述了这种行为。
If you read the whole document, you'll note that they say
They are describing a process used by DoubleClick, not an internet standard.
You (and anyone else, including DoubleClick) can take information that is available to you (including information that might be sent as part of a GET submission) and store it in a cookie.
You should interpret the sentence in question (in context) like this:
Supported Conclusion:
DoubleClick takes/took information from a URL query string (which is the part of the URL that begins with a "?") and uses a cookie to record information that the user requested.
Unsupported Conclusion:
A URL query string with a "?" would have the cookie record the user requested information. There exists some RFC that describes this behavior.
当然可以将查询字符串存储在 cookie 中,但没有强制执行此操作的技术标准。
他们可能引用了特定网站上代码的特定内容,该网站可能将查询字符串存储在 cookie 中。
It's certainly possible to store the query string in a cookie, but there is no technical standard that forces that to occur.
They are likely referencing something specific to the code on that specific website, which is presumably storing the query string in a cookie.
Cookie 的设置和提交与 URL 分开,因此在 HTTP 标头中,它看起来像这样:
GET /search?terms=bonjovi
Cookie:$版本=1; UserId=JohnDoe
查询字符串存储在 cookie 中的唯一方法是 cookie 路径与重写的 URL 结合使用,或者服务器明确设置带有某种 id 或查询字符串的 cookie。
Cookies get set and submitted seperately from the URL, so in the HTTP-header it would look like this:
GET /search?terms=bonjovi
Cookie: $Version=1; UserId=JohnDoe
The only way the query string would be stored in a cookie would be if a cookie path is used in conjunction with rewritten URLS or if the server explicitely sets a cookie with some sort of id or the query string.
上次我检查时,美国纽约南区地方法院没有定义互联网标准。
查询字符串不会影响cookie,它们以一种草率的方式使用技术语言。
Last time I checked, the US District Court for the Southern District of New York didn't define Internet standards.
The query string does not affect the cookies, they are using technical language in a sloppy way.
该文本可能只是一个示例,您不应该坚持这样做。
在查询字符串中包含任何文本并不意味着 cookie 是使用该信息创建的,尽管某些网站可能包含额外的代码来执行此操作。
That text may be just an example and you shouldn't stick to that.
Including any text in the query string does not imply a cookie is created with that information, although some sites may contain additional code to do so.