Suppose I have a website www.mysite.com.
Can the $_COOKIE
array ever contain cookies that were set by domains other than www.mysite.com
, if I am using $_COOKIE
via PHP code on the domain www.mysite.com
?
My understanding (which is quite limited!) is that a domain can only access cookies that it set itself, which means that $_COOKIE
could only contain cookies which were set by the domain. Is this correct?
No. Only a nonfunctional browser would do such a thing.
Only the client can view all the cookies for all separate domains, the browser makes sure to send only the cookies related to the current domain and non other.
确切地说, $_COOKIE
只能访问由他的域名设置的cookie。
It is possible but only for subdomains to share some cookies, by using '.domain.com' instead 'domain.com' .
Across different domains, like domain1.com and domain2.com is not possible.
The http request
sent to your server from browser will contain the cookies that you have placed in the browser. Accessing a cookie that does not belong to your domain will be a malicious activity, giving rise to security issues.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.