[英]Are multiple Cookie headers allowed in an HTTP request?
通常,浏览器将cookie分组到单个Cookie
标头中,例如:
Cookie: a=1; b=2
标准是否允许将这些标题作为单独的标题发送,例如:
Cookie: a=1
Cookie: b=2
或者他们总是必须在同一条线上?
在查找此主题的详细信息时,可以查看此页面。 来自HTTP State Management Mechanism
报价, RFC 6265应该让事情更清楚:
5.4。 Cookie标头
当用户代理生成HTTP请求时,用户代理不得附加多个Cookie头字段。
它看起来像使用多个Cookie
头,其实,禁止!
它现在允许在HTTP / 2( RFC 7540 )中指定:
8.1.2.5. Compressing the Cookie Header Field
The Cookie header field [COOKIE] uses a semi-colon (";") to delimit
cookie-pairs (or "crumbs"). This header field doesn't follow the
list construction rules in HTTP (see [RFC7230], Section 3.2.2), which
prevents cookie-pairs from being separated into different name-value
pairs. This can significantly reduce compression efficiency as
individual cookie-pairs are updated.
To allow for better compression efficiency, the Cookie header field
MAY be split into separate header fields, each with one or more
cookie-pairs. If there are multiple Cookie header fields after
decompression, these MUST be concatenated into a single octet string
using the two-octet delimiter of 0x3B, 0x20 (the ASCII string "; ")
before being passed into a non-HTTP/2 context, such as an HTTP/1.1
connection, or a generic HTTP server application.
Therefore, the following two lists of Cookie header fields are
semantically equivalent.
cookie: a=b; c=d; e=f
cookie: a=b
cookie: c=d
cookie: e=f
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.