堆栈内存溢出
  简体   繁体   English

LAMP 堆栈中的哪个应用程序组件设置“Set-Cookie”标头

[英]What application component in a LAMP stack, sets the "Set-Cookie" header

 原文  2012-11-16 10:17:17       php/ http-headers/ session-cookies

问题描述

The application I'm working with accepts three different types of login.我正在使用的应用程序接受三种不同类型的登录。 Automatically if the client connects from certain IP-adresses, or a POST request, either from a normal browser rendered form, or towards a JSON reading API-endpoint.如果客户端从某些 IP 地址或 POST 请求连接,无论是从普通浏览器呈现的表单,还是朝向 JSON 读取 API 端点,都会自动连接。

All three options boil down to calling the same functions for registering the user as logged in, and generating a session.所有三个选项都归结为调用相同的函数来将用户注册为登录并生成会话。

Despite the code paths being the same as far as I can determine, two of these consistently work, while one consistently fails to add a 'Set-Cookie' header to the response, even though the application logic generates a sessionid that gets sent in the reponse body.尽管我可以确定代码路径是相同的,但其中两个始终有效,而一个始终无法向响应添加“Set-Cookie”标头,即使应用程序逻辑生成一个 sessionid 并在反应体。

Never having needed to dig into how session authentication works to this level of detail, I realise I don't understand.从来不需要深入研究会话身份验证如何工作到这种详细程度,我意识到我不明白。 where the 'Set-Cookie' header, should come from . 'Set-Cookie' 标头应该来自哪里 Should application logic always build the header manually?应用程序逻辑是否应该始终手动构建标头? Will PHP do it automatically once session_start() is called?一旦session_start()被调用,PHP 会自动执行吗? Does Apache do it based on other parts of the header? Apache 是否根据标头的其他部分执行此操作?

I sort of ruled out 1 by failing to find anything with grep -ri "set.cookie" * in the codebase I'm working with.我通过在我正在使用的代码库中找不到任何带有grep -ri "set.cookie" *内容来排除 1。

1 个解决方案

解决方案1
 1  2012-11-16 10:24:11

session_start sends a session cache limiter and a session cookie (or sets a $_GET key with your PHPSESSID). session_start发送会话缓存限制器会话 cookie (或使用您的 PHPSESSID 设置 $_GET 键)。

This function is where the Set-Cookie paramater is sent from.这个函数是发送 Set-Cookie 参数的地方。 Apache will then pass it back to the browser when it sends the page back.当 Apache 将页面发回时,它会将其传递回浏览器。

You need to remember however that storing the cookie is actually up to the browser .但是您需要记住,存储 cookie 实际上取决于浏览器 By and large they will be set without issue, but certain conditions will stop this from happening, such as the security settings in Internet Explorer or the user rejecting cookies entirely.总的来说,它们的设置不会有问题,但某些条件会阻止这种情况发生,例如 Internet Explorer 中的安全设置或用户完全拒绝 cookie。

Further reading:进一步阅读:

http://www.php.net/manual/en/function.session-start.php http://www.php.net/manual/en/function.session-start.php

http://www.php.net/manual/en/function.session-get-cookie-params.php http://www.php.net/manual/en/function.session-get-cookie-params.php

http://www.php.net/manual/en/function.session-status.php http://www.php.net/manual/en/function.session-status.php

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP CURL | 标头集-Cookie - PHP CURL | Header Set-Cookie PHP Set-Cookie 在标题中用于下一个请求 - PHP Set-Cookie in the header for next request 多次设置cookie header - set-cookie header multiple times Angular 5 - 尽管(Set-Cookie)在响应标头中,但已设置 Cookie - Angular 5 - Cookie is set although (Set-Cookie) is in the response header 使用 header(“Set-cookie”) 与 setcookie() 函数设置 cookie - Setting cookie using header(“Set-cookie”) vs setcookie() function Set-Cookie header 不在测试环境中创建 cookie - Set-Cookie header not creating cookie in test environment Set-Cookie存在于标头响应中,但在浏览器中缺失 - Set-Cookie present in header response but missing in browser 未收到带有 axios 发布请求的 Set-Cookie 标头 - Not Receiving Set-Cookie Header with axios post request PHP-CURL-Set-Cookie标头(忽略点) - PHP - CURL - Set-Cookie Header (Ignoring dots) 从重定向php获取set-cookie头 - Get set-cookie header from redirect php
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM