在响应有效负载中找到HTTP_COOKIE的源?
[英]Finding the source of a HTTP_COOKIE in a response payload?
问题描述
The following code correctly identifies a properly formed payload and sends a 200 response. 
下面的代码正确地标识格式正确的有效负载并发送200响应。
if($signature == $authKey)
{
if (isset($_SERVER['HTTP_COOKIE'])) {
$cookies = explode(';', $_SERVER['HTTP_COOKIE']);
foreach($cookies as $cookie) {
$parts = explode('=', $cookie);
$name = trim($parts[0]);
setcookie($name, '', time()-1000);
setcookie($name, '', time()-1000, '/');
}
}
http_response_code(200);
XeroWebHookHandler::handlePayload($rawPayload);
}
The endpoint however, won't accept a HTTP response containing a cookie. 但是,端点将不接受包含cookie的HTTP响应。
The above code is giving me the following response Response contained a cookie . 上面的代码给了我以下响应Response contained a cookie 。
My service is hosted on an AWS EC2 instance running a standard Ubuntu server hosting apache. 我的服务托管在运行标准Ubuntu服务器托管apache的AWS EC2实例上。
What methods can I use to correctly identify what might be setting a HTTP_COOKIE variable. 我可以使用哪些方法正确识别可能正在设置HTTP_COOKIE变量的内容。 Alternatively, am I clearing it correctly? 或者,我可以正确清除它吗?
1 个解决方案
解决方案1
0 已采纳 2018-04-06 05:50:35
I found it. 我找到了。 The answer helped in my specific case, but I will share it in case anyone else has the same issue. 答案对我的具体情况有所帮助,但如果其他人有相同的问题,我会分享。
Session cookies are the issue. 会话cookie是问题。
session_destroy();
setcookie("PHPSESSID", "", time()-3600, "/");
I found that session_destroy() alone left some crumbs. 我发现单独使用session_destroy()留下一些碎屑。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.