发表新帖
发表新帖

Persistent cookies from a servlet in IE

前端 未结
关注
6 1714
故里飘歌
故里飘歌 2020-12-10 07:23

I have a cookie which is generated from a servlet and that I would like to be persistent - that is, set the cookie, close down IE, start it back up, and still be able to re

相关标签:
6条回答
  • Happy的楠姐
    2020-12-10 07:56

    I had a similar issue with IE8 as well, except that the cookie was persisting when using http but not when using https. Intellectual Tortoise's solution worked for me, as I had '=' and other chars in there that were screwing it up. Before I encoded the https cookie, it showed as expiring at "End of session". After encoding the value, it expired with the maxAge I passed in. Here's the methods I used to encode/decode the cookie value before setting and after retrieving it: 

    public static String encodeString(String s) {
    String encodedString = s;

    try{
        encodedString = URLEncoder.encode(s, "UTF-8");
    } catch (UnsupportedEncodingException e) {}

    return encodedString;
}
public static String decodeString(String s) {
    String decodedString = s;

    try{
        decodedString = URLDecoder.decode(s, "UTF-8");
    } catch (UnsupportedEncodingException e) {}

    return decodedString;
}
    0 讨论(0)
  • 情书的邮戳
    2020-12-10 08:00

    I know nothing of Java or servlets, but IE will only persist a cookie if it has an Expires date, setting max-age is not sufficient, IE will continue to treat it as a session cookie.

    0 讨论(0)
  • 爱一瞬间的悲伤
    2020-12-10 08:00

    Few suggestions.

    1. Are you using fqdn to access the site?
    2. use fiddler to check how does the cookie looks in the http response.
    3. Check if other sites on the internet are storing cookies successfully.
    0 讨论(0)
  • 余生分开走
    2020-12-10 08:05

    This http://www.mail-archive.com/users@tomcat.apache.org/msg52249.html has the answer, but doesn't really explain why.

    That is, by encoding @ (which is an unacceptable character in version 0 cookies), the cookie sent in the response has it's version set to 0 (acceptable to IE) rather than 1 (a different format and therefore unacceptable IE).

    My issue was the sort of the same. We were Base64 encoding our cookie value and sending it down. However, Base64 includes characters like '=' ... which is again illegal in version 0 and thereby unacceptable to IE.

    The mystery that remains for me is: some part of the stack is 'smart' enough to recognize that the cookie value is invalid as a version 0 cookie and decides to send the response as a version 1 cookie (which includes explicit version number, the "unacceptable" characters, max-age rather than expires field, etc.) I don't know if it's Tomcat, Faces, Spring or javax.servlet which makes the decision to flip the version.

    Bottom line: URI encoding on the value of the cookie will ensure the cookie set to the browser is version 0 and therefore persisted by IE.

    0 讨论(0)
  • 青春惊慌失措
    2020-12-10 08:07 
     try{
        encodedString = URLEncoder.encode(s, "UTF-8");
    } catch (UnsupportedEncodingException e) {}

    return encodedString;`a`
}
public static String decodeString(String s) {
    String decodedString = s;

    try{
        decodedString = URLDecoder.decode(s, "UTF-8");
    } catch (UnsupportedEncodingException e) {}

    return decodedString;
}
    0 讨论(0)
  • 有刺的猬
    2020-12-10 08:19

    As I don't use windows this is some fainted memory: If you set your IE cookie settings to "ask for permission" each time a cookie is set - doesn't it show how long the cookie is supposed to be valid? Also, you might want to add the site to another security zone (local or whatever that was called) in order to get completely different settings and try again then.

    Hope this helps...

    0 讨论(0)
 看不清?
提交回复
热议问题