js之清除Cookie
最近新的系统开发用的是Cookie存储用户信息,使用des加密 工具类如下所示: /** * Copyright (c) 2013-Now http://jeesite.com All rights reserved. */ package com.lms.common.utils; import java.io.UnsupportedEncodingException; java.util.ArrayList; java.util.List; * DES加密解密工具 * 加密:DesUtils.encode("admin","1,2,3"); * 解密:DesUtils.decode("012C2C9BA925FAF8045B2FD9B02A2664",3"); * @author ThinkGem public class DesUtils { private static DesCore desCore = new DesCore(); * DES加密(secretKey代表3个key,用逗号分隔) */ static String encode(String data,String secretKey) { if (StringUtils.isBlank(data)){ return ""; } String[] ks = StringUtils.split(secretKey,","); if (ks.length >= 3){ return desCore.strEnc(data,ks[0],ks[1],ks[2]); } ); } * DES解密(secretKey代表3个key,用逗号分隔) String decode(String data,1)">return desCore.strDec(data,1)"> * DES加密/解密 * @Copyright Copyright (c) 2006 * Guapo */ @SuppressWarnings({"rawtypes","unused","unchecked"}) static DesCore { /* * encrypt the string to string made up of hex return the encrypted string */ public String strEnc(String data,String firstKey,String secondKey,String thirdKey) { int leng = data.length(); String encData = ""; List firstKeyBt = null,secondKeyBt = null; int firstLength = 0,secondLength = 0,thirdLength = 0if (firstKey != null && firstKey != "") { firstKeyBt = getKeyBytes(firstKey); firstLength = firstKeyBt.size(); } if (secondKey != null && secondKey != "") { secondKeyBt = getKeyBytes(secondKey); secondLength = secondKeyBt.size(); } if (thirdKey != null && thirdKey != "") { thirdKeyBt = getKeyBytes(thirdKey); thirdLength = thirdKeyBt.size(); } if (leng > 0) { if (leng < 4) { int[] bt = strToBt(data); int[] encByte = ; null && firstKey != "" && secondKey != null && secondKey != "" && thirdKey != ) { int[] tempBt; x,y,z; tempBt = bt; for (x = 0; x < firstLength; x++) { tempBt = enc(tempBt,([]) firstKeyBt.get(x)); } for (y = 0; y < secondLength; y++[]) secondKeyBt.get(y)); } for (z = 0; z < thirdLength; z++[]) thirdKeyBt.get(z)); } encByte = tempBt; } else { ) { [] tempBt; bt; ) { tempBt = enc(tempBt,1)">[]) firstKeyBt.get(x)); } []) secondKeyBt.get(y)); } encByte = tempBt; } { ) { [] tempBt; int x = 0; tempBt = bt; ) { tempBt = enc(tempBt,1)">[]) firstKeyBt.get(x)); } encByte = tempBt; } } } encData = bt64ToHex(encByte); } { int iterator = (leng / 4); int remainder = leng % 4int i = 0for (i = 0; i < iterator; i++) { String tempData = data.substring(i * 4 + 0,i * 4 + 4); int[] tempByte = strToBt(tempData); ; tempByte; []) secondKeyBt.get(y)); } []) thirdKeyBt.get(z)); } encByte = tempByte; []) firstKeyBt.get(x)); } []) secondKeyBt.get(y)); } encByte = tempBt; } { ) { [] tempBt; x; tempBt = tempByte; ) { tempBt = enc(tempBt,1)">[]) firstKeyBt.get(x)); } encByte = tempBt; } } } encData += bt64ToHex(encByte); } if (remainder > 0) { String remainderData = data.substring(iterator * 4 + 0,leng); strToBt(remainderData); bt64ToHex(encByte); } } } return encData; } * decrypt the encrypted string to the original string * * return the original string String strDec(String data,String thirdKey) { data.length(); String decStr = ""int iterator = leng / 16) { String tempData = data.substring(i * 16 + 0,i * 16 + 16); String strByte = hexToBt64(tempData); int[] intByte = new int[64]; int j = 0; for (j = 0; j < 64; j++) { intByte[j] = Integer.parseInt(strByte.substring(j,j + 1)); } int[] decByte = [] tempBt; intByte; for (x = thirdLength - 1; x >= 0; x--) { tempBt = dec(tempBt,1)">[]) thirdKeyBt.get(x)); } for (y = secondLength - 1; y >= 0; y--[]) secondKeyBt.get(y)); } for (z = firstLength - 1; z >= 0; z--[]) firstKeyBt.get(z)); } decByte = tempBt; } intByte; for (x = secondLength - 1; x >= 0; x--) { tempBt = dec(tempBt,1)">[]) secondKeyBt.get(x)); } for (y = firstLength - 1; y >= 0; y--[]) firstKeyBt.get(y)); } decByte = intByte; for (x = firstLength - 1; x >= 0; x--) { tempBt = dec(tempBt,1)">[]) firstKeyBt.get(x)); } decByte = tempBt; } } } decStr += byteToString(decByte); } decStr; } * chang the string into the bit array * * return bit array(it's length % 64 = 0) List getKeyBytes(String key) { List keyBytes = ArrayList(); key.length(); ); ) { keyBytes.add(i,strToBt(key.substring(i * 4 + 0,1)">))); } // keyBytes[i] = strToBt(key.substring(i*4+0,leng)); keyBytes.add(i,strToBt(key.substring(i * 4 + 0 keyBytes; } * chang the string(it's length <= 4) into the bit array * * return bit array(it's length = 64) [] strToBt(String str) { str.length(); int[] bt = ]; int i = 0,j = 0,p = 0,q = 0for (i = 0; i < leng; i++int k = str.charAt(i); for (j = 0; j < 16; j++int pow = 1,m = 0for (m = 15; m > j; m--) { pow *= 2; } bt.set(16*i+j,""+(k/pow)%2)); bt[16 * i + j] = (k / pow) % 2; } } for (p = leng; p < 4; p++int k = 0for (q = 0; q < 16; q++for (m = 15; m > q; m-- bt[16*p+q]=parseInt(k/pow)%2; bt.add(16*p+q,""+((k/pow)%2)); bt[16 * p + q] = (k / pow) % 2; } } } { for (int i = 0; i < 4; i++int j = 0; j < 16; j++int pow = 1int m = 15; m > j; m-- bt[16*i+j]=parseInt(k/pow)%2; bt.add(16*i+j,""+((k/pow)%2)); bt[16 * i + j] = (k / pow) % 2; } } } bt; } * chang the bit(it's length = 4) into the hex * * return hex String bt4ToHex(String binary) { String hex = ""if (binary.equalsIgnoreCase("0000")) { hex = "0"; } else if (binary.equalsIgnoreCase("0001")) { hex = "1"if (binary.equalsIgnoreCase("0010")) { hex = "2"if (binary.equalsIgnoreCase("0011")) { hex = "3"if (binary.equalsIgnoreCase("0100")) { hex = "4"if (binary.equalsIgnoreCase("0101")) { hex = "5"if (binary.equalsIgnoreCase("0110")) { hex = "6"if (binary.equalsIgnoreCase("0111")) { hex = "7"if (binary.equalsIgnoreCase("1000")) { hex = "8"if (binary.equalsIgnoreCase("1001")) { hex = "9"if (binary.equalsIgnoreCase("1010")) { hex = "A"if (binary.equalsIgnoreCase("1011")) { hex = "B"if (binary.equalsIgnoreCase("1100")) { hex = "C"if (binary.equalsIgnoreCase("1101")) { hex = "D"if (binary.equalsIgnoreCase("1110")) { hex = "E"if (binary.equalsIgnoreCase("1111")) { hex = "F"; } hex; } * chang the hex into the bit(it's length = 4) * * return the bit(it's length = 4) String hexToBt4(String hex) { String binary = ""if (hex.equalsIgnoreCase("0")) { binary = "0000"if (hex.equalsIgnoreCase("1")) { binary = "0001"; } if (hex.equalsIgnoreCase("2")) { binary = "0010"if (hex.equalsIgnoreCase("3")) { binary = "0011"if (hex.equalsIgnoreCase("4")) { binary = "0100"if (hex.equalsIgnoreCase("5")) { binary = "0101"if (hex.equalsIgnoreCase("6")) { binary = "0110"if (hex.equalsIgnoreCase("7")) { binary = "0111"if (hex.equalsIgnoreCase("8")) { binary = "1000"if (hex.equalsIgnoreCase("9")) { binary = "1001"if (hex.equalsIgnoreCase("A")) { binary = "1010"if (hex.equalsIgnoreCase("B")) { binary = "1011"if (hex.equalsIgnoreCase("C")) { binary = "1100"if (hex.equalsIgnoreCase("D")) { binary = "1101"if (hex.equalsIgnoreCase("E")) { binary = "1110"if (hex.equalsIgnoreCase("F")) { binary = "1111" binary; } * chang the bit(it's length = 64) into the string * * return string public String byteToString([] byteData) { String str = ""int count = 0) { pow *= 2; } count += byteData[16 * i + j] * pow; } if (count != 0) { str += "" + (char) (count); } } str; } public String bt64ToHex([] byteData) { String hex = ""int i = 0; i < 16; i++) { String bt = ""int j = 0; j < 4; j++) { bt += byteData[i * 4 + j]; } hex += bt4ToHex(bt); } String hexToBt64(String hex) { String binary = "") { binary += hexToBt4(hex.substring(i,i + 1)); } * the 64 bit des core arithmetic */ int[] enc(int[] dataByte,[] keyByte) { int[][] keys = generateKeys(keyByte); int[] ipByte = initPermute(dataByte); int[] ipLeft = int[32int[] ipRight = int[] tempLeft = for (k = 0; k < 32; k++) { ipLeft[k] = ipByte[k]; ipRight[k] = ipByte[32 + k]; } for (i = 0; i < 16; i++for (j = 0; j < 32; j++) { tempLeft[j] = ipLeft[j]; ipLeft[j] = ipRight[j]; } int[] key = int[48for (m = 0; m < 48; m++) { key[m] = keys[i][m]; } int[] tempRight = xor(pPermute(sBoxPermute(xor(expandPermute(ipRight),key))),tempLeft); for (n = 0; n < 32; n++) { ipRight[n] = tempRight[n]; } } int[] finalData = for (i = 0; i < 32; i++) { finalData[i] = ipRight[i]; finalData[32 + i] = ipLeft[i]; } finallyPermute(finalData); } int[] dec(for (i = 15; i >= 0; i-- keys[i][m]; } tempRight[n]; } } int[] initPermute([] originalData) { int[] ipByte = for (i = 0,n = 0; i < 4; i++,m += 2,n += 2for (j = 7,k = 0; j >= 0; j--,k++) { ipByte[i * 8 + k] = originalData[j * 8 + m]; ipByte[i * 8 + k + 32] = originalData[j * 8 + n]; } } ipByte; } int[] expandPermute([] rightData) { int[] epByte = i,j; for (i = 0; i < 8; i++if (i == 0) { epByte[i * 6 + 0] = rightData[31]; } { epByte[i * 6 + 0] = rightData[i * 4 - 1]; } epByte[i * 6 + 1] = rightData[i * 4 + 0]; epByte[i * 6 + 2] = rightData[i * 4 + 1]; epByte[i * 6 + 3] = rightData[i * 4 + 2]; epByte[i * 6 + 4] = rightData[i * 4 + 3if (i == 7) { epByte[i * 6 + 5] = rightData[0 { epByte[i * 6 + 5] = rightData[i * 4 + 4]; } } epByte; } int[] xor(int[] byteOne,1)">[] byteTwo) { var xorByte = new Array(byteOne.length); for(int i = 0;i < byteOne.length; i ++){ xorByte[i] = byteOne[i] ^ byteTwo[i]; } return xorByte; int[] xorByte = [byteOne.length]; int i = 0; i < byteOne.length; i++) { xorByte[i] = byteOne[i] ^ byteTwo[i]; } xorByte; } int[] sBoxPermute([] expandByte) { var sBoxByte = new Array(32); int[] sBoxByte = ]; String binary = ""int[][] s1 = { { 14,4,13,1,15,11,8,3,10,6,12,5,9,7 },{ 0,7,14,8 },{ 4,0 },{ 15,13 } }; Table - s2 */ int[][] s2 = { { 15,10 },{ 3,5 Table - s3 int[][] s3 = { { 10,8 },1 } }; Table - s4 int[][] s4 = { { 7,{ 10,4 },14 Table - s5 int[][] s5 = { { 2,9 },{ 14,6 Table - s6 int[][] s6 = { { 12,11 },{ 10,{ 9,6 },{ 4,1)"> Table - s7 int[][] s7 = { { 4,1 },{ 1,2 },{ 6,1)"> Table - s8 int[][] s8 = { { 13,2int m = 0; m < 8; m++; i = expandByte[m * 6 + 0] * 2 + expandByte[m * 6 + 5]; j = expandByte[m * 6 + 1] * 2 * 2 * 2 + expandByte[m * 6 + 2] * 2 * 2 + expandByte[m * 6 + 3] * 2 + expandByte[m * 6 + 4switch (m) { case 0: binary = getBoxBinary(s1[i][j]); breakcase 1 getBoxBinary(s2[i][j]); case 2 getBoxBinary(s3[i][j]); case 3 getBoxBinary(s4[i][j]); case 4 getBoxBinary(s5[i][j]); case 5 getBoxBinary(s6[i][j]); case 6 getBoxBinary(s7[i][j]); case 7 getBoxBinary(s8[i][j]); ; } sBoxByte[m * 4 + 0] = Integer.parseInt(binary.substring(0,1)">)); sBoxByte[m * 4 + 1] = Integer.parseInt(binary.substring(1,1)">)); sBoxByte[m * 4 + 2] = Integer.parseInt(binary.substring(2,1)">)); sBoxByte[m * 4 + 3] = Integer.parseInt(binary.substring(3,4 sBoxByte; } int[] pPermute([] sBoxByte) { int[] pBoxPermute = ]; pBoxPermute[0] = sBoxByte[15]; pBoxPermute[1] = sBoxByte[6]; pBoxPermute[2] = sBoxByte[19]; pBoxPermute[3] = sBoxByte[20]; pBoxPermute[4] = sBoxByte[28]; pBoxPermute[5] = sBoxByte[11]; pBoxPermute[6] = sBoxByte[27]; pBoxPermute[7] = sBoxByte[16]; pBoxPermute[8] = sBoxByte[0]; pBoxPermute[9] = sBoxByte[14]; pBoxPermute[10] = sBoxByte[22]; pBoxPermute[11] = sBoxByte[25]; pBoxPermute[12] = sBoxByte[4]; pBoxPermute[13] = sBoxByte[17]; pBoxPermute[14] = sBoxByte[30]; pBoxPermute[15] = sBoxByte[9]; pBoxPermute[16] = sBoxByte[1]; pBoxPermute[17] = sBoxByte[7]; pBoxPermute[18] = sBoxByte[23]; pBoxPermute[19] = sBoxByte[13]; pBoxPermute[20] = sBoxByte[31]; pBoxPermute[21] = sBoxByte[26]; pBoxPermute[22] = sBoxByte[2]; pBoxPermute[23] = sBoxByte[8]; pBoxPermute[24] = sBoxByte[18]; pBoxPermute[25] = sBoxByte[12]; pBoxPermute[26] = sBoxByte[29]; pBoxPermute[27] = sBoxByte[5]; pBoxPermute[28] = sBoxByte[21]; pBoxPermute[29] = sBoxByte[10]; pBoxPermute[30] = sBoxByte[3]; pBoxPermute[31] = sBoxByte[24 pBoxPermute; } int[] finallyPermute([] endByte) { int[] fpByte = ]; fpByte[0] = endByte[39]; fpByte[1] = endByte[7]; fpByte[2] = endByte[47]; fpByte[3] = endByte[15]; fpByte[4] = endByte[55]; fpByte[5] = endByte[23]; fpByte[6] = endByte[63]; fpByte[7] = endByte[31]; fpByte[8] = endByte[38]; fpByte[9] = endByte[6]; fpByte[10] = endByte[46]; fpByte[11] = endByte[14]; fpByte[12] = endByte[54]; fpByte[13] = endByte[22]; fpByte[14] = endByte[62]; fpByte[15] = endByte[30]; fpByte[16] = endByte[37]; fpByte[17] = endByte[5]; fpByte[18] = endByte[45]; fpByte[19] = endByte[13]; fpByte[20] = endByte[53]; fpByte[21] = endByte[21]; fpByte[22] = endByte[61]; fpByte[23] = endByte[29]; fpByte[24] = endByte[36]; fpByte[25] = endByte[4]; fpByte[26] = endByte[44]; fpByte[27] = endByte[12]; fpByte[28] = endByte[52]; fpByte[29] = endByte[20]; fpByte[30] = endByte[60]; fpByte[31] = endByte[28]; fpByte[32] = endByte[35]; fpByte[33] = endByte[3]; fpByte[34] = endByte[43]; fpByte[35] = endByte[11]; fpByte[36] = endByte[51]; fpByte[37] = endByte[19]; fpByte[38] = endByte[59]; fpByte[39] = endByte[27]; fpByte[40] = endByte[34]; fpByte[41] = endByte[2]; fpByte[42] = endByte[42]; fpByte[43] = endByte[10]; fpByte[44] = endByte[50]; fpByte[45] = endByte[18]; fpByte[46] = endByte[58]; fpByte[47] = endByte[26]; fpByte[48] = endByte[33]; fpByte[49] = endByte[1]; fpByte[50] = endByte[41]; fpByte[51] = endByte[9]; fpByte[52] = endByte[49]; fpByte[53] = endByte[17]; fpByte[54] = endByte[57]; fpByte[55] = endByte[25]; fpByte[56] = endByte[32]; fpByte[57] = endByte[0]; fpByte[58] = endByte[40]; fpByte[59] = endByte[8]; fpByte[60] = endByte[48]; fpByte[61] = endByte[16]; fpByte[62] = endByte[56]; fpByte[63] = endByte[24 fpByte; } public String getBoxBinary( i) { String binary = "" (i) { : binary = "0000": binary = "0001": binary = "0010": binary = "0011": binary = "0100": binary = "0101": binary = "0110": binary = "0111"case 8: binary = "1000"case 9: binary = "1001"case 10: binary = "1010"case 11: binary = "1011"case 12: binary = "1100"case 13: binary = "1101"case 14: binary = "1110"case 15: binary = "1111" * generate 16 keys for xor int[][] generateKeys(int[56int[][] keys = int[16][48]; keys[ 0] = new Array(); keys[ 1] = new Array(); keys[ 2] = new Array(); keys[ 3] = new Array(); keys[ 4] = new Array(); keys[ 5] = new Array(); keys[ 6] = new Array(); keys[ 7] = new Array(); keys[ 8] = new Array(); keys[ 9] = new Array(); keys[10] = new Array(); keys[11] = new Array(); keys[12] = new Array(); keys[13] = new Array(); keys[14] = new Array(); keys[15] = new Array(); int[] loop = int[] { 1,1)"> }; int i = 0; i < 7; i++int j = 0,k = 7; j < 8; j++,k--) { key[i * 8 + j] = keyByte[8 * k + i]; } } int tempLeft = 0int tempRight = 0int j = 0; j < loop[i]; j++) { tempLeft = key[0]; tempRight = key[28]; int k = 0; k < 27; k++) { key[k] = key[k + 1]; key[28 + k] = key[29 + k]; } key[27] = tempLeft; key[55] = tempRight; } var tempKey = new Array(48); int[] tempKey = ]; tempKey[0] = key[13]; tempKey[1] = key[16]; tempKey[2] = key[10]; tempKey[3] = key[23]; tempKey[4] = key[0]; tempKey[5] = key[4]; tempKey[6] = key[2]; tempKey[7] = key[27]; tempKey[8] = key[14]; tempKey[9] = key[5]; tempKey[10] = key[20]; tempKey[11] = key[9]; tempKey[12] = key[22]; tempKey[13] = key[18]; tempKey[14] = key[11]; tempKey[15] = key[3]; tempKey[16] = key[25]; tempKey[17] = key[7]; tempKey[18] = key[15]; tempKey[19] = key[6]; tempKey[20] = key[26]; tempKey[21] = key[19]; tempKey[22] = key[12]; tempKey[23] = key[1]; tempKey[24] = key[40]; tempKey[25] = key[51]; tempKey[26] = key[30]; tempKey[27] = key[36]; tempKey[28] = key[46]; tempKey[29] = key[54]; tempKey[30] = key[29]; tempKey[31] = key[39]; tempKey[32] = key[50]; tempKey[33] = key[44]; tempKey[34] = key[32]; tempKey[35] = key[47]; tempKey[36] = key[43]; tempKey[37] = key[48]; tempKey[38] = key[38]; tempKey[39] = key[55]; tempKey[40] = key[33]; tempKey[41] = key[52]; tempKey[42] = key[45]; tempKey[43] = key[41]; tempKey[44] = key[49]; tempKey[45] = key[35]; tempKey[46] = key[28]; tempKey[47] = key[31 m; (i) { : ) { keys[0][m] = tempKey[m]; } ) { keys[1][m] =) { keys[2][m] =) { keys[3][m] =) { keys[4][m] =) { keys[5][m] =) { keys[6][m] =) { keys[7][m] =) { keys[8][m] =) { keys[9][m] =) { keys[10][m] =) { keys[11][m] =) { keys[12][m] =) { keys[13][m] =) { keys[14][m] =) { keys[15][m] =; } } keys; } } } ? 把信息存储到浏览器中还是加密的要好,虽然现在有不少在线解密工具,但是还是推荐加密 下面进入正题,如何清除Cookie? 在谈谈这个问题前,我们是如何使用js获取Cookie呢? function getMyCookie(name){ var arr,reg=new RegExp("(^| )"+name+"=([^;]*)(;|$)"); if(arr=document.cookie.match(reg)) return unescape(arr[2]); else return null; } <!-- 例如cookie的名字叫name 可通过getMyCookie("name")获得Cookie--> Cookie通常是加密的,假如存储的Cookie是一个字符串,如何将其解密呢? 比如我使用的是DES加密和解密,我通过ajax获取它并将其解析出来? 代码如下: js代码: //自动加载获取Cookie
function autoLoad(){
var str ="获取Cookie";
$.ajax({
url:"getCookie",type:"POST",data : {"str":str},dataType : 'json',success:function(data){
var json = eval("("+data+")");
if(json.returnCode=="200"){
$("#userId").val(json.userId);
}else if(json.returnCode=="500"){
window.location.href='view/Login.html';
}else{
alert("有问题,请联系管理员");
}
},error:function(){
alert("失败");
}
});
}
? ? Java代码: /**
* 获取Cookie信息
* @param str
* @param request
* @return
*/
@RequestMapping(value="/getCookie",method=RequestMethod.POST,produces="application/json;charset=utf-8")
@ResponseBody
public String getCookie(String str,HttpServletRequest request) {
logger.info("获取Cookie信息");
logger.info("str:"+str);
Map<String,Object> map = new HashMap<String,Object>();
//获取Cookie
String cookie = CookieUtils.getCookie(request,"userId");
if(cookie!=""||cookie!=null) {
logger.info("Cookie:"+cookie);
//将Cookie解密
String userId = DesUtils.decode(cookie,"userId");
//打印Cookie解密
logger.info("userId:"+userId);
map.put("userId",userId);
map.put("returnMsg","可获取Cookie");
map.put("returnCode","200");
}else {
map.put("returnMsg","不能获取Cookie");
map.put("returnCode","500");
}
return JSON.toJSONString(map);
}
如何清除Cookie? 代码如下所示: 我的存储用户信息是用Cookie,自然注销功能也是用清除Cookie的做法 /**
* 退出功能
*/
function getMyCookie(name){
var arr,reg=new RegExp("(^| )"+name+"=([^;]*)(;|$)");
if(arr=document.cookie.match(reg))
return unescape(arr[2]);
else
return null;
}
function delCookie(name){
var exp = new Date();
exp.setTime(exp.getTime() - 1);
var cval=getMyCookie(name);
if(cval!=null)
document.cookie= name + "="+cval+";expires="+exp.toGMTString()+";path=/";
}
//退出功能
$(function(){
$("#exit").click(function(){
delCookie("userId");
location.href="http://localhost:8080/blog-web/";
});
});
? 首先Cookie有如下优缺点: 优点: ? ? ? ? (1)可配置到期规则?Cookie?可以在浏览器会话结束时到期,或者可以在客户端计算机上无限期存在,这取决于客户端的到期规则。 ?? ? ? ?(2)不需要任何服务器资源?Cookie?存储在客户端并在发送后由服务器读取。 ? ? ? ??(3)简单性?Cookie?是一种基于文本的轻量结构,包含简单的键值对。 (4)数据持久性?虽然客户端计算机上?Cookie?的持续时间取决于客户端上的?Cookie?过期处理和用户干预,Cookie?通常是客户端上持续时间最长的数据保留形式。 缺点: ?? (1)?大小受到限制?大多数浏览器对?Cookie?的大小有?4096?字节的限制,尽管在当今新的浏览器和客户端设备版本中,支持?8192?字节的?Cookie?大小已愈发常见。 ? (2)用户配置为禁用?有些用户禁用了浏览器或客户端设备接收?Cookie?的能力,因此限制了这一功能。 ? ?(3)?潜在的安全风险?Cookie?可能会被篡改。用户可能会操纵其计算机上的?Cookie,这意味着会对安全性造成潜在风险或者导致依赖于?Cookie?的应用程序失败。另外,虽然?Cookie?只能被将它们发送到客户端的域访问,历史上黑客已经发现从用户计算机上的其他域访问?Cookie?的方法。您可以手动加密和解密?Cookie,但这需要额外的编码,并且因为加密和解密需要耗费一定的时间而影响应用程序的性能。
?具体为什么要用Cookie结合业务需要。 对于我为什么用Cookie?而不用session,session存储服务器端,并不是全局的,而且随着用户越来越多,每个用户都有与之对应的session,对于服务器而言,无形之间形成了不小的并发。 而使用cookie,cookie虽然有安全方面的风险,但是是全局的,全局唯一一个cookie,只需将用户关键信息,例如id或用户名之类的存储其中,这样我每个页面都可以获取的到。这样实现拦截非法登录的效果也是很好的,而且无形之间减少了很多并发。当然就目前而言,对我来说,使用cookie不再向之前为了获取session,搞个拦截器过滤器,真的有种白了少年头,空悲切的感觉啊! ? (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |