問題描述
我有這個(gè)代碼:
window.onload = function() {
document.cookie = 'foo=bar; expires=Sun, 01 Jan 2012 00:00:00 +0100; path=/';
var xhr = new XMLHttpRequest();
xhr.open("GET", "/showcookie.php",true);
xhr.setRequestHeader("Cookie", "foo=quux");
xhr.setRequestHeader("Foo", "Bar");
xhr.setRequestHeader("Foo", "Baz");
xhr.withCredentials = true;
var pre = document.getElementById('output');
xhr.onreadystatechange = function() {
if (4 == xhr.readyState) {
pre.innerHTML += xhr.responseText + "
";
}
};
xhr.send(null);
};
還有這個(gè)/showcookie.php
and this /showcookie.php
<?php
print_r($_COOKIE);
?>
它總是顯示
Array
(
[Host] => localhost
[User-Agent] =>
[Accept] =>
[Accept-Language] => pl,en-us;q=0.7,en;q=0.3
[Accept-Encoding] => gzip,deflate
[Accept-Charset] => ISO-8859-2,utf-8;q=0.7,*;q=0.7
[Keep-Alive] => 115
[Connection] => keep-alive
[foo] => Baz
[Referer] =>
[Cookie] => foo=bar
)
Array
(
[foo] => bar
)
我在 Ubuntu 上使用 Firefox 3.6.13、Opera 11.00 和 Chromium 9.0.
I'm using Firefox 3.6.13, Opera 11.00 and Chromium 9.0 on Ubuntu.
有沒有人有同樣的問題,或者無法修改 Cookie 標(biāo)頭.
Is anybody have the same problem or maybe it's impossible to modify Cookie header.
推薦答案
Cookie 標(biāo)頭是 XMLHttpRequest 中無法修改的幾個(gè)標(biāo)頭之一.來自規(guī)范:
The Cookie header is one of several which cannot be modified in an XMLHttpRequest. From the specification:
終止[執(zhí)行setRequestHeader方法]如果header是一個(gè)不區(qū)分大小寫的匹配項(xiàng)之一以下標(biāo)題:
Terminate [execution of the
setRequestHeadermethod] if header is a case-insensitive match for one of the following headers:
- 接受字符集
- 接受編碼
- 連接
- 內(nèi)容長(zhǎng)度
- Cookie
- Cookie2
- 內(nèi)容傳輸編碼
- 日期
- 期待
- 主持人
- 保持活躍
- 推薦人
- TE
- 預(yù)告片
- 傳輸編碼
- 升級(jí)
- 用戶代理
- 通過
... 或者如果標(biāo)題的開頭是代理的不區(qū)分大小寫匹配 - 或Sec- (包括當(dāng)標(biāo)題只是Proxy-或Sec-).
… or if the start of header is a case-insensitive match for Proxy- or Sec- (including when header is just Proxy- or Sec-).
以上標(biāo)題由用戶代理讓它控制那些運(yùn)輸方面.這保證數(shù)據(jù)完整性在一定程度上.標(biāo)題以 Sec- 開頭的名稱不是允許設(shè)置為允許新標(biāo)頭保證不會(huì)被鑄造來自 XMLHttpRequest.
The above headers are controlled by the user agent to let it control those aspects of transport. This guarantees data integrity to some extent. Header names starting with Sec- are not allowed to be set to allow new headers to be minted that are guaranteed not to come from XMLHttpRequest.
這篇關(guān)于如何從 Ajax 調(diào)用修改 Cookie的文章就介紹到這了,希望我們推薦的答案對(duì)大家有所幫助,也希望大家多多支持html5模板網(wǎng)!