Best IT Recipes

The path to the cookie and its accessibility to subfolder pages

Say I have a website with a domain: www.example.com

If I set a cookie with the outline / , the cookie will be accessible through all pages in the domain, for example:

  • www.example.com/page1.html
  • www.example.com/subfolder1/page1.html
  • www.example.com/subfolder1/moresubfolder1/page1.html etc.

What if we set the cookie to the path " / subfolder1 ", will the cookie be available for any page or subfolder under the folder? For example:

  • www.example.com/subfolder1/moresubfolder/page1.html

So, if not, I think I have no choice but to use the '/' path for these cookies, right?

+62
cookies
Feb 23 '09 at 4:34
source share
3 answers

If we set the cookie path to '/ subfolder1' , will cookies be available for any page or subfolder in the folder?

Yes. The cookie will be available for all pages and subdirectories in the path /subfolder1 .

+62
Feb 23 '09 at 4:44
source share

if we set the cookie to the path /subfolder1 , the following pages are available in this example:

www.example.com/subfolder1/page1.html
www.example.com/subfolder1/moresubfolder1/page1.html
and etc.

However, www.example.com/page1.html not available because it does not belong to the allowed path.

+12
Jul 14 '14 at 10:16
source share

To eliminate some ambiguity by reusing some of this , answer:

The request path path matches the specified cookie path if at least one of the following conditions is true:

  • The cookie path and the request path are identical.
  • The cookie path is the prefix of the request path, and the last character of the cookie path is% x2F ("/").
  • The cookie path is the request path prefix and the first character of the request path that is not included in the cookie. path is the% x2F ("/") character.

There is a small (but potentially important) difference between setting a cookie on the path /subfolder1 and the path /subfolder1/ .

If you rely on the former, your request path must begin with the character "% x2F (" / ")" (slash) to guarantee the desired behavior. For example, look at a related answer.

Setting the cookie path simply / eliminates any cases of edges, but as you say, the cookie will be available for the entire domain.

+8
May 13 '16 at 1:09
source share


More articles:


All Articles