运行 Java 小程序时,JVM 会向服务器发送哪些 cookie?
在我的 Web 服务器上,我有一个包含 applet 标记的 HTML 文件:
<html>
<head/>
<body>
<applet code="Hello.class" width="100" height="100" />
</body>
</html>
在与该 HTML 文件相同的目录中,我有一个名为 Hello.class 的 Java 类文件。
这两个文件都在 Web 服务器 (IIS 6) 上运行,其主机名如下所示:
bart.simpson.springfield.com
我的浏览器中有两个 cookie:
- CookieA - 范围为 springfield.com
- CookieB - 范围为 simpson.springfield.com
当 HTML 文件时从服务器发出请求时,Fiddler 显示上述两个 cookie 均随请求一起发送。
当从服务器请求 Java 类文件时,Fiddler 显示仅发送 CookieA(范围为 springfield.com)。
我需要将两个 cookie 发送到服务器。有办法做到这一点吗?
我在 Firefox 3.5.2 和 IE 7 中看到了这种行为。
我试图找到发送 cookie 的规范,但自 Java 1.3 以来什么也没找到。
谢谢!
On my web server I have an HTML file that contains an applet tag:
<html>
<head/>
<body>
<applet code="Hello.class" width="100" height="100" />
</body>
</html>
And I have a Java class file named Hello.class in the same directory as the HTML file.
Both of these files are running on a web server (IIS 6) whose host name is something like this:
bart.simpson.springfield.com
I have two cookies in my browser:
- CookieA - Scoped to springfield.com
- CookieB - Scoped to simpson.springfield.com
When the HTML file is requested from the server, Fiddler shows that both of the above cookies are sent along with the request.
When the Java class file is requested from the server, Fiddler shows that only CookieA (scoped to springfield.com) is sent.
I need both cookies to be sent to the server. Is there a way to do this?
I'm seeing this behavior is Firefox 3.5.2 and IE 7.
I've tried to find the spec on which cookies are sent but turned up nothing since Java 1.3.
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
客户端 Java 插件始终咨询浏览器以验证是否需要在请求中发送 cookie。有关 Java 插件中 cookie 支持的详细信息,请参阅 Java 部署指南。
但有一种情况不会发送 cookie,即 Web 服务器设置了 HttpOnly< /a> cookie 上的标志。在这种情况下,对 applet 类的 HTTP 请求将不包含 cookie 标头,因为 Java 插件将无法访问 cookie。
The client-side Java plug-in always consults the browser to verify if a cookie needs to be sent in the request. Details of the cookie support in the Java plug-in are available in the Java deployment guide.
There is one situation though where cookies will not be sent, and that is when the web server has set the HttpOnly flag on the cookie. In such a case, the HTTP request for the applet class will not contain the cookie header, since the Java plug-in will not be able to access the cookie.
HTML 文件的 cookie 由浏览器本身发送,而 applet 类文件的 cookie 由 Java 插件发送。所以他们常常有所不同。
对于浏览器来说,它使用的唯一规则是域名。插件必须考虑安全策略和代码库等因素。有关详细信息,请参阅此文档
http://java.sun.com /products/plugin/1.3/docs/cookie.html
该小程序的代码库是什么?
The cookie for HTML file is sent by browser itself but the cookie for applet class file is sent by Java Plugin. So they often differ.
For browser, the only rule it uses is the domain name. Plugin has to factor in things as security policy and codebase. See this document for the details,
http://java.sun.com/products/plugin/1.3/docs/cookie.html
What's your codebase for the applet?