当前位置: 文江博客话题详情

单击退出时删除 cookie

发布于 2024-11-30 08:33:30 字数 658 浏览 0 评论 0原文

我正在使用下面的代码创建 cookie,如何读取另一个页面中的 txtusername 值以及如何在单击注销时删除 cookie(注销代码)。我是编程新手,请帮忙。

  string cookiestr;
            HttpCookie ck;
            tkt = new FormsAuthenticationTicket(1, txtUserName.Value, DateTime.Now,
            DateTime.Now.AddMinutes(30), chkPersistCookie.Checked, "your custom data");
            cookiestr = FormsAuthentication.Encrypt(tkt);

            ck = new HttpCookie(FormsAuthentication.FormsCookieName, cookiestr);
            if (chkPersistCookie.Checked)
                ck.Expires = tkt.Expiration;
            ck.Path = FormsAuthentication.FormsCookiePath;
            Response.Cookies.Add(ck);
原文

I am creating the cookie using the code below, How to read the txtusername value in another page and how to delete the cookie when I click sign out(code for sign out). I am new to programming please help.

  string cookiestr;
            HttpCookie ck;
            tkt = new FormsAuthenticationTicket(1, txtUserName.Value, DateTime.Now,
            DateTime.Now.AddMinutes(30), chkPersistCookie.Checked, "your custom data");
            cookiestr = FormsAuthentication.Encrypt(tkt);

            ck = new HttpCookie(FormsAuthentication.FormsCookieName, cookiestr);
            if (chkPersistCookie.Checked)
                ck.Expires = tkt.Expiration;
            ck.Path = FormsAuthentication.FormsCookiePath;
            Response.Cookies.Add(ck);

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

洋洋洒洒 2024-12-07 08:33:30

您绝对不应该将密码存储为cookie。这是一个非常大的安全威胁。要删除 cookie,您实际上只需要修改它并使其过期即可。您无法真正删除它,即从用户磁盘中删除它。请查看此文档

这是一个示例:

 HttpCookie aCookie;
    string cookieName;
    int limit = Request.Cookies.Count;
    for (int i=0; i<limit; i++)
    {
        cookieName = Request.Cookies[i].Name;
        aCookie = new HttpCookie(cookieName);
        aCookie.Expires = DateTime.Now.AddDays(-1); // make it expire yesterday
        Response.Cookies.Add(aCookie); // overwrite it
    }

You should never store password as a cookie. That's a very big security threat. To delete a cookie, you really just need to modify and expire it. You can't really delete it, i.e. remove it from the user's disk. Check out this documentation.

Here is a sample:

 HttpCookie aCookie;
    string cookieName;
    int limit = Request.Cookies.Count;
    for (int i=0; i<limit; i++)
    {
        cookieName = Request.Cookies[i].Name;
        aCookie = new HttpCookie(cookieName);
        aCookie.Expires = DateTime.Now.AddDays(-1); // make it expire yesterday
        Response.Cookies.Add(aCookie); // overwrite it
    }
回复 原文
不甘平庸 2024-12-07 08:33:30

您不能直接删除 cookie,您必须将其设置为在当前日期之前过期:

if (Request.Cookies["clienDetails"] != null)
{
    HttpCookie myCookie = new HttpCookie("clienDetails");
    myCookie.Expires = DateTime.Now.AddDays(-1d);
    Response.Cookies.Add(myCookie);
}

您可以阅读有关它的更多信息 这里

此外,我真的鼓励您不要编写自己的安全性,而是阅读 asp.net会员资格。更安全、更易于使用。正如我所见,您的安全模型存在许多缺陷。将密码以纯文本形式存储在 cookie 中确实非常糟糕。

编辑:
由于您现在更改了代码,因此必须执行以下操作才能删除 cookie:

if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
{
    HttpCookie myCookie = new HttpCookie(FormsAuthentication.FormsCookieName);
    myCookie.Expires = DateTime.Now.AddDays(-1d);
    Response.Cookies.Add(myCookie);
}

You cannot directly delete a cookie, you have to set it to expire before the current date:

if (Request.Cookies["clienDetails"] != null)
{
    HttpCookie myCookie = new HttpCookie("clienDetails");
    myCookie.Expires = DateTime.Now.AddDays(-1d);
    Response.Cookies.Add(myCookie);
}

You can read more about it here.

Furthermore I really encourage you to not write your own security but to read up on asp.net membership. More secure and easier to use. As I can see many flaws in your security model. Storing the password in plain text in a cookie is really really bad.

EDIT:
As you now changed your code, you have to do this to remove the cookie:

if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
{
    HttpCookie myCookie = new HttpCookie(FormsAuthentication.FormsCookieName);
    myCookie.Expires = DateTime.Now.AddDays(-1d);
    Response.Cookies.Add(myCookie);
}
回复 原文
ゞ记忆︶ㄣ 2024-12-07 08:33:30

就我而言,这段代码有效:

Response.Cookies.Delete("access_token");
return Ok();

In my case this code worked:

Response.Cookies.Delete("access_token");
return Ok();
回复 原文
萌︼了一个春 2024-12-07 08:33:30

仅供参考,这对我使用 Chrome 69 并启用了 从您上次停下的地方继续 功能来说不起作用。 Firefox 也有类似问题。禁用此功能对我有用。

请参阅

FYI this did not work for me using Chrome 69 with the Continue where you left off feature enabled. Similar issue with Firefox. Disabling this feature worked for me.

See

回复 原文
~没有更多了~

关于作者

℡寂寞咖啡

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

游缘惊梦

文章 0 评论 0

小兔几

文章 0 评论 0

Glik

文章 0 评论 0

生生漫

文章 0 评论 0

Luxian

文章 0 评论 0

Champion-Ming

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文