简体繁体 English

localhost` 上的安全 Cookie

[英]Secure Cookie on `http://localhost`

原文 2020-11-25 14:02:15 7 1 node.js/ google-chrome/ http/ web/ cookies

I'm trying to set a secure cookie on http://localhost:3000 :我正在尝试在http://localhost:3000上设置安全 cookie：

Set-Cookie: loggedUser=brillout;设置 Cookie：loggedUser=brillout； Max-Age=315360000;最大年龄=315360000； Path=/;路径=/; HttpOnly;仅限HTTP； Secure安全的

But Chrome complains:但是 Chrome 抱怨：

This Set-Cookie was blocked because it had the "Secure" attribute but was not received over a secure connection.此 Set-Cookie 已被阻止，因为它具有“安全”属性，但不是通过安全连接接收的。

Yet, according to MDN , it should work:然而，根据 MDN ，它应该工作：

A cookie with the Secure attribute is sent to the server only with an encrypted request over the HTTPS protocol, never with unsecured HTTP ( except on localhost )具有 Secure 属性的 cookie 仅通过 HTTPS 协议的加密请求发送到服务器，从不使用不安全的 HTTP（本地主机除外）

Is it possible to set Secure while being http://localhost ?是否可以在http://localhost时设置Secure ？ Developing on https://localhost instead of http://localhost is not an option.在https://localhost而不是http://localhost上开发不是一个选项。

1 个解决方案

At the time of writing, the Chrome browser stands at Version 100.0.4896.75, the browser is not giving an error or warning.在撰写本文时，Chrome 浏览器的版本为 100.0.4896.75，浏览器没有给出错误或警告。 I can easily set cookie from my localhost with attributes given by you.我可以使用您提供的属性从我的本地主机轻松设置 cookie。 But If you are still getting errors, you could easily install the SSL certificate on your localhost ( read this blog ) and it will resolve your problem.但如果您仍然遇到错误，您可以轻松地在本地主机上安装 SSL 证书（阅读此博客），它将解决您的问题。

Hope this helped you!希望这对你有帮助！