Different browsers store cookies in different ways.
The IE browser will save it as a text file in the "C:\Documents and Settings\your username\Cookies" folder, each text file saves a cookie.
1.1.2 Record the number of user visits
Cookie is encapsulated into javax.servlet.http.Cookie class in Java. Each cookie is an object of that Cookie class. The server operates on client cookies by manipulating Cookie class objects. Obtain all cookies submitted by the client through request.getCookie() (returned in the form of Cookie[] array), and set cookies to the client through response.addCookie(Cookiecookie).
The cookie object saves the user state in the form of key-value attribute pairs. One cookie object saves one attribute pair, and one request or response uses multiple cookies at the same time. Because the Cookie class is located under the package javax.servlet.http.*, there is no need to import this class in the JSP.
1.1.3 The non-cross-domain nature of cookies
Many websites use cookies. For example, Google issues cookies to clients and Baidu issues cookies to clients. Will the browser also carry the cookie issued by Baidu when visiting Google? Or can Google modify the cookies issued by Baidu?
the answer is negative. Cookies are not cross-domain. According to the cookie specification, browsers accessing Google will only carry Google's cookie, but not Baidu's cookie. Google can only operate Google's cookies, but not Baidu's cookies.
Cookies are managed by the browser on the client side. The browser can ensure that Google will only operate Google's cookies and not Baidu's cookies, thereby ensuring user privacy. Browsers determine whether a website can operate another website's cookie based on the domain name. Google's domain name is not the same as Baidu's, so Google cannot operate Baidu's cookies.
It should be noted that although the website images.google.com and the website www.google.com belong to Google, but the domain names are different, the two cannot operate each other's cookies.
Note: After logging in to the website www.google.com, the user will find that the login information is still valid when visiting images.google.com, but ordinary cookies cannot. This is because Google does special treatment. Cookies are treated similarly later in this chapter.
boolean secure
Whether the cookie is only transmitted using a secure protocol. Security Protocol. Security protocols include HTTPS, SSL, etc., which encrypt data before transmitting it on the network. Default is false
String path
The usage path of this cookie. If set to "/sessionWeb/", only programs whose contextPath is "/sessionWeb" can access the cookie. If it is set to "/", the contextPath under this domain name can access the cookie. Note that the last character must be "/"
String domain
The domain name that can access the cookie. If set to ".google.com", all domains ending in "google.com" can access the cookie. Note that the first character must be "."
1.1.9 Cookie domain name
Cookies are not cross-domain. Cookies issued by the domain name www.google.com will not be submitted to the domain name www.baidu.com. This is determined by the privacy and security mechanism of cookies. The privacy security mechanism can prevent websites from illegally obtaining cookies from other websites.
Under normal circumstances, two second-level domain names under the same first-level domain name, such as www.helloweenvsfei.com and images.helloweenvsfei.com, cannot use cookies interchangeably, because the two domain names are not strictly the same. If you want all second-level domain names under helloweenvsfei.com to use this cookie, you need to set the domain parameter of the cookie, for example:
Cookie cookie = new Cookie("time","20080808"); // 新建Cookie
cookie.setDomain(".helloweenvsfei.com"); // set the domain name
cookie.setPath("/"); // set the path
cookie.setMaxAge(Integer.MAX_VALUE); // Set the validity period
response.addCookie(cookie); // output to client
Here is the path where cookies are stored in different windows versions
2000、Xp:
Cookie:C:/Documents and Settings/[user name]/Cookies/
Vista, Win7:
In Vista and Win7, the permission management is more strict, and IE7/IE8 uses the protected mode mechanism by default. Under the protection mechanism, IE runs with low permissions. If IE runs under low permissions, set the directory to the corresponding Low directory, as follows:
Cookie: C:/Users/[user name]/AppData/Roaming/Microsoft/Windows/Cookies/
C:/Users/[user name ]/AppData/Roaming/Microsoft/Windows/Cookies/Low/
After entering the directory, the first file sorted by the latest time is the cookie file you are currently operating, and the file name here is randomly generated.
is stored in sqlite database, unreadable!!!
[root@localhost ~]# cd /root/.mozilla/firefox/05yqkdom.default
[root@localhost 05yqkdom.default]# ls
adblockplus gmp prefs.js
addons.json gmp-gmpopenh264 reading-list.sqlite
blocklist.xml healthreport revocations.txt
bookmarkbackups healthreport.sqlite search.json
cert8.db healthreport.sqlite-shm search-metadata.json
compatibility.ini healthreport.sqlite-wal secmod.db
content-prefs.sqlite jetpack sessionCheckpoints.json
cookies.sqlite key3.db sessionstore-backups
cookies.sqlite-shm lock SiteSecurityServiceState.txt
cookies.sqlite-wal logins.json storage
crashes mimeTypes.rdf times.json
datareporting minidumps webapps
enumerate_devices.txt permissions.sqlite webappsstore.sqlite
extensions places.sqlite webappsstore.sqlite-shm
extensions.ini places.sqlite-shm webappsstore.sqlite-wal
extensions.json places.sqlite-wal xulstore.json
formhistory.sqlite pluginreg.dat
[root@localhost 05yqkdom.default]# vim cookies.sqlite
[root@localhost 05yqkdom.default]# vim cookies.sqlite-shm
[root@localhost 05yqkdom.default]# vim cookies.sqlite-wal
[root@localhost 05yqkdom.default]#
cookies.sqlite
