Very good [JS] Cookie Mastery Road Page 1/2_javascript skills

If you have a bad memory like the author, you may not be able to remember people’s names at all. When I meet people, I mostly just nod, ask "Did you eat?", and expect the greeting to end there
. If I needed to express something, then I would have to resort to some cunning techniques to help me figure out who the other person was. For example, talking nonsense about someone related to the other person, no matter how far apart they are, as long as it can avoid the embarrassment of not remembering the other person's name: "How about your next door neighbor's nephew's cute puppy Mephistopheles? "Through this method, I hope to make the other person feel that I really
value him (her) and even remember these trivial things, although in fact I have forgotten even the name. However, it’s not that I don’t pay attention, it’s that my memory is really bad, and there are too many names
to remember. If I could set cookies for everyone, I wouldn't have this memory problem again.

In this article, we are going to learn:

1. What are Cookies?
2. The composition of Cookies
3. Manipulating Cookies
4. Cookie Monster

What are Cookies?

You may ask, what are cookies? A cookie is a small amount of data saved by the browser on the user's computer. It is associated with a specific WEB page or WEB site and is automatically passed between the WEB browser and
WEB server.

For example, if you are running a Windows operating system and use Internet Explorer to surf the Internet, then you will find a subdirectory under your "Windows" directory called
"Temporary Internet Files". If you take a look at this directory at some point, you'll notice that there are files in there with names that look just like email addresses. For example, in the directory
on my machine, there is a file like "jim@support.microsoft.com". This is a cookie file. Where does this file come from? Guess it, it comes from Microsoft’s support site
dot. By the way, this is not my email address, just to clarify.

Cookies are a great solution for managing small, unimportant details that you don’t want to store in a central database. (That’s not to say that everyone’s names don’t matter.) For example, there are currently a growing number of customization services on the site that can customize the content that each user wants to see. If you were designing a site like this, how would you manage the information that one user
likes a green menu bar, while another prefers a red one. A tiring question indeed. However, such information can be safely recorded in cookies and saved on the user's computer, and your own database space can be reserved for longer-term and more meaningful data.

FYI: Cookies are often useful for security purposes. I don’t want to get too deep into this issue here, but just provide an example of how you can use
cookies that expire after a certain period of time to keep your site secure:

1. Using a username and password, pass SSL login.
2. Check the username and password in the server's database. If the login is successful, create a message digest of the current time stamp (such as MD5) and save it in the cookie and server database. Save the user's login time in the user record in the server database.
3. When performing each security transaction (any transaction in which the user is logged in), compare the cookie message digest with the digest stored in the server database. If the comparison fails,
direct the user to Login interface.
4. If the check in step 3 passes, then check whether the elapsed time between the current time and the login time exceeds the allowed time length. If the user has timed out, the user will be directed to the login
interface.
5. If steps 3 and 4 are passed, then reset the login time to the current time and allow the transaction to occur. Most of those secure sites that require you to log in may use a method similar to the one introduced here
.
Composition of Cookies

Cookies were originally designed for CGI programming. However, we can also use Javascript scripts to manipulate cookies. In this article, we will demonstrate how to use Javascript script
to manipulate cookies. (If there is demand, I may introduce how to use Perl for cookie management in a future article. But if you really can’t wait, then I will teach you now:
Take a closer look at CGI.pm. In this CGI package there are A cookie() function can be used to create cookies. However, let us first introduce the nature of cookies.

In Javascript, a cookie is actually a string attribute when you read it. value, you will get a string containing the names and values ​​of all cookies
used by the current WEB page. In addition to the two attributes of name and value, each cookie also has four attributes: expires expiration time, path, domain,
and secure security.Expires – Expiration time. Specify cookie lifetime. Specifically, the value is the expiration date. If you want the cookie to last longer than the current browser session, you must use this attribute
. When the expiration date has passed, the browser can delete the cookie file without any impact.

Path – path. Specify the WEB page associated with the cookie. The value can be a directory or a path. If http://www.zdnet.com/devhead/index.html creates a
cookie, then all pages in the http://www.zdnet.com/devhead/ directory, and any pages under the directory This cookie can be accessed by pages in subdirectories. This means
that any page in http://www.zdnet.com/devhead/stories/articles can access the cookie created by http://www.zdnet.com/devhead/index.html.
However, what should we do if http://www.zdnet.com/zdnn/ needs to access the cookies set by http://www.zdnet.com/devhead/index.html? At this time, we need to set the path attribute of
cookies to "/". When specifying a path, all WEB pages that come from the same server and have the same path in the URL can share cookies. Now look at another
example: If you want http://www.zdnet.com/devhead/filters/ and http://www.zdnet.com/devhead/stories/ to share cookies, you need to set the path to "
/devhead".

Domain – domain. Specify the associated WEB server or domain. The value is the domain name, such as zdnet.com. This is an extension of the path attribute. What if we want
catalog.mycompany.com to be able to access the cookies set by shoppingcart.mycompany.com? We can set the domain attribute to "mycompany.com"
and set the path attribute to " /". FYI: You cannot set the cookies domain attribute to a value different from the domain of the server that sets it.

Secure – safe. Specifies how cookie values ​​are passed between the user and the WEB server over the network. The value of this attribute is either "secure" or empty. By default, this attribute
is empty, which means an insecure HTTP connection is used to transfer data. If a cookie is marked as secure, then data is transferred between it and the WEB server through HTTPS or other secure protocols
. However, setting the secure attribute does not mean that others cannot see the cookies saved locally on your machine. In other words, setting the cookie to secure only ensures that the data transmission process between the cookie and the WEB
server is encrypted, and the cookie file stored locally is not encrypted. If you want local cookies to be encrypted, you have to encrypt the data yourself.




Manipulating Cookies

Remember, a cookie is just a string attribute of the document. To save cookies, just create a string in the format name=