ASP.NET:请求 cookie 的域为空?
当我检查 HttpContext.Current.Request.Cookies 集合时,我的一些 cookie 的域成员为 null。
为什么/什么时候域为空?
When I examine my HttpContext.Current.Request.Cookies collection, some of my cookies have null for their Domain member.
Why/when is a Domain null?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
域属性仅用于设置cookie。显然,如果您将 cookie 作为请求的一部分进行读取,则客户端浏览器会认为该域与您的站点适当匹配。
The domain property is only for setting cookies. Obviously, if you are reading the cookie as part of the request, the client browser felt that the domain was appropriately matched to your site.
默认情况下,Cookie 与当前域关联。
所以如果在现场
并且您执行以下操作:
该域名将是
。
但是,您可以通过设置域的范围来覆盖此功能:
这样 cookie 将仅适用于该特定子域中的请求。
当然,您可以将域设置为 NULL,但我无法想象这会有用的场景。
检查您如何创建 cookie。
参考: http://msdn.microsoft.com/en-us/library/ ms178194.aspx
By default, Cookies are associated with the current domain.
So if on site
and you do the following:
The domain will be
.
However, you can override this functionality by setting the scope of the domain:
The cookie will then only be available to requests in that specific subdomain.
So of course, you can set the Domain to NULL, but i cant envision a scenario where this would be useful.
Check how you are creating your cookies.
Reference: http://msdn.microsoft.com/en-us/library/ms178194.aspx
HttpCookie 的当 .Net Framework 构造
HttpCookie类的实例并根据运行时配置文件 (system.web/httpCookies) 中存储的值初始化其值时,Domain成员为 null,并且该成员不会被其他值(未指定)覆盖。这个未指定值表示cookie应该由用户代理(通常是浏览器)发送到仅发送到生成cookie的服务器而不是其他服务器。根据互联网提出的标准RFC6265 HTTP状态管理机制:
RFC 没有为未指定定义任何特定值,因此实现者可以选择他们喜欢的任何值。 Microsoft 选择将 Domain 成员表示为字符串值,因此
null或 "" (String.Empty) 表示未指定,但隐式配置的默认值为null。如果您收到的 cookie 的 Domain 值为
null,则意味着用户代理处理了该 cookie,确定其来源与其向其发送请求的服务器相匹配,并将 cookie 数据包含在请求的Cookie标头。同样,如果您要返回该 cookie,您可能希望仅在运行您的应用程序的同一主机的另一个请求中接收该 cookie。在 ASP.Net 应用程序中,如果
string.IsNullOrEmpty(cookie.Domain)为 true,您可以假设用户代理在向其确定为原始主机的服务器的请求中包含 cookie,即 <代码>Request.Url.Host。An HttpCookie's
Domainmember is null when the .Net Framework constructs an instance of theHttpCookieclass, initializes its value from values stored in a runtime configuration file (system.web/httpCookies), and the member is not overwritten with another value (not specified). This unspecified value indicates the cookie should be sent by the user agent (usually a browser) to only the server that originated the cookie and no other.According to the Internet proposed standard RFC6265 HTTP State Management Mechanism:
Th RFC does not define any specific value for unspecified, so implementors may choose whatever value or values they like. Microsoft chose to represent the Domain member as a string value, so either
nullor "" (String.Empty) represent unspecified, but the implicitly configured default value isnull.If you are receiving a cookie that has Domain value of
null, it means the user agent processed the cookie, decided its origin matched the server it was sending the request to, and included the cookie data in the request'sCookieheader. Likewise, if you are returning that cookie, you may expect to receive that cookie in another request only by the same host that is running your application.In an ASP.Net application, if
string.IsNullOrEmpty(cookie.Domain)is true, you may assume the user agent included the cookie in the request to the server it decided was the originating host, i.e.Request.Url.Host.