如果我的cookie設置爲今天晚上7點過期,並且我在晚上6點30分開始會話,那麼在該會話期間但在晚上7點之後發出的請求將包含cookie,因爲會話結束或瀏覽器已將其刪除時會將其刪除?在會話期間Cookie是否過期?
0
A
回答
2
是的,cookies可以在會話期間過期並且經常這樣做。無論是在會話中,還是不在會話中,Cookies都會在到期時過期。如果服務器希望Cookie持續進行會話,它應該將Cookie重置爲會話Cookie,或者將來設置更長的到期時間。
瀏覽器不應該發送任何已過期到服務器的cookie。
最大年齡=值
可選:這是在RFC 2965(2000年10月),其中規定處理。的最大年齡屬性的值是Δ-秒,
cookie的以秒爲單位的壽命,十進制非負
整數。爲了正確地處理高速緩存的cookie,客戶端應根據年齡計算
計算cookie的年齡
在HTTP/1.1規範[RFC2616] 規則。 當年齡比Δ-秒秒
越大,客戶端應該丟棄
的cookie。值爲零表示cookie應該被丟棄
立即。
[強調]
,並說:
餅乾已經過期應該被拋棄,因此不 轉發到源服務器。
[強調]
本RFC通過2011年4月在該點是在適當位置從2000年10月,RFC 2965(2000年10月)中的溶液通過RFC 6265代替(2011年4月)。 RFC 6265改變了將過期的cookies從「應該」移除到「必須」的要求。RFC 6265說:
4. Server Requirements
...
4.1.2.1. The Expires Attribute
The Expires attribute indicates the maximum lifetime of the cookie,
represented as the date and time at which the cookie expires. The
user agent is not required to retain the cookie until the specified
date has passed. In fact, user agents often evict cookies due to
memory pressure or privacy concerns.
4.1.2.2. The Max-Age Attribute
The Max-Age attribute indicates the maximum lifetime of the cookie,
represented as the number of seconds until the cookie expires. The
user agent is not required to retain the cookie for the specified
duration. In fact, user agents often evict cookies due to memory
pressure or privacy concerns.
NOTE: Some existing user agents do not support the Max-Age
attribute. User agents that do not support the Max-Age attribute
ignore the attribute.
If a cookie has both the Max-Age and the Expires attribute, the Max-
Age attribute has precedence and controls the expiration date of the
cookie. If a cookie has neither the Max-Age nor the Expires
attribute, the user agent will retain the cookie until "the current
session is over" (as defined by the user agent).
...
5. User Agent Requirements
...
5.2.1. The Expires Attribute
If the attribute-name case-insensitively matches the string
"Expires", the user agent MUST process the cookie-av as follows.
Let the expiry-time be the result of parsing the attribute-value as
cookie-date (see Section 5.1.1).
If the attribute-value failed to parse as a cookie date, ignore the
cookie-av.
If the expiry-time is later than the last date the user agent can
represent, the user agent MAY replace the expiry-time with the last
representable date.
If the expiry-time is earlier than the earliest date the user agent
can represent, the user agent MAY replace the expiry-time with the
earliest representable date.
Append an attribute to the cookie-attribute-list with an attribute-
name of Expires and an attribute-value of expiry-time.
5.2.2. The Max-Age Attribute
If the attribute-name case-insensitively matches the string "Max-
Age", the user agent MUST process the cookie-av as follows.
If the first character of the attribute-value is not a DIGIT or a "-"
character, ignore the cookie-av.
If the remainder of attribute-value contains a non-DIGIT character,
ignore the cookie-av.
Let delta-seconds be the attribute-value converted to an integer.
If delta-seconds is less than or equal to zero (0), let expiry-time
be the earliest representable date and time. Otherwise, let the
expiry-time be the current date and time plus delta-seconds seconds.
Append an attribute to the cookie-attribute-list with an attribute-
name of Max-Age and an attribute-value of expiry-time.
...
5.3. Storage Model
...
A cookie is "expired" if the cookie has an expiry date in the past.
The user agent MUST evict all expired cookies from the cookie store
if, at any time, an expired cookie exists in the cookie store.
At any time, the user agent MAY "remove excess cookies" from the
cookie store if the number of cookies sharing a domain field exceeds
some implementation-defined upper bound (such as 50 cookies).
At any time, the user agent MAY "remove excess cookies" from the
cookie store if the cookie store exceeds some predetermined upper
bound (such as 3000 cookies).
When the user agent removes excess cookies from the cookie store, the
user agent MUST evict cookies in the following priority order:
1. Expired cookies.
2. Cookies that share a domain field with more than a predetermined
number of other cookies.
3. All cookies.
If two cookies have the same removal priority, the user agent MUST
evict the cookie with the earliest last-access date first.
When "the current session is over" (as defined by the user agent),
the user agent MUST remove from the cookie store all cookies with the
persistent-flag set to false.
相關問題
- 1. Cookie過期僅適用於會話Cookie
- 2. 會話過期,我的cookie也會過期
- 3. 瀏覽器關閉時會話cookie是否過期?
- 4. ASP.NET會話過期時間
- 5. CURL - Cookie未啓用/會話過期
- 6. 當會話Cookie使用cURL過期時
- 7. cookie過期或會話超時太快
- 8. HTTPOnly將cookie過期設置爲會話
- 9. 檢查快速會話是否過期
- 10. laravel 5.1檢查會話是否過期
- 11. 會話變量是否在不同的時間量後過期?
- 12. Cookie過期日期正在採用magento中的會話值
- 13. 檢查cookie是否在iPhone中過期
- 14. Cookie值在Cookie過期之前過期
- 15. 我如何檢查Magento中的會話或Cookie過期時間
- 16. 使用activerecord會話存儲的cookie過期時間
- 17. Tomcat Spring Security - 設置會話cookie過期時間
- 18. Rails基於cookie的會話:混合會話範圍和過期時間
- 19. Django會話過期
- 20. 會話未過期?
- 21. sfGuardUser - 會話過期
- 22. 使會話過期
- 23. WKWebView會話過期
- 24. Firebase會話過期
- 25. Struts2會話過期
- 26. GET $ .cookie過期日期時間
- 27. ASP.NET會話不會過期
- 28. 幫助w/Codeigniter會話過期時間
- 29. CodeIgniter中的會話過期時間
- 30. 爲會話設置過期時間
謝謝,非常詳細! – 2014-10-06 13:32:14