Return to Video

Cookie Domains - Web Development

  • 0:00 - 0:04
    So as we saw in the demos, the cookies can have extra parameters,
  • 0:04 - 0:05
    not just the value.
  • 0:05 - 0:08
    So, let me, let me draw anoth, an, an example cookie for you.
  • 0:08 - 0:10
    Here's a, here's an example set cookie header for
  • 0:10 - 0:13
    setting this cookie, whose name is name, nice and confusing.
  • 0:15 - 0:15
    Whose value is Steve.
  • 0:15 - 0:18
    And now we've added a couple extra parameters.
  • 0:18 - 0:20
    We've got semicolon to end the value.
  • 0:20 - 0:22
    We've added this domain parameter.
  • 0:22 - 0:27
    And this is what domain this cookie is relevant to.
  • 0:27 - 0:32
    So in this case, it is relevant to www.reddit.com and
  • 0:32 - 0:35
    this is the path that it's relevant to.
  • 0:35 - 0:38
    So the path is easier to explain.
  • 0:38 - 0:39
    basically, you can put whatever you want here and
  • 0:39 - 0:41
    then, in this case, this is the default path.
  • 0:41 - 0:46
    If you don't specify a path we just assume you mean slash.
  • 0:46 - 0:49
    And this is actually the most common use case of cookies.
  • 0:49 - 0:51
    You the cookie applies to all of the paths.
  • 0:51 - 0:55
    But if you want to restrict the cookie to a particular path, you can specify
  • 0:55 - 0:58
    that path here and the browser will make sure that the path you're requesting
  • 0:58 - 1:00
    starts with this value before it sends the cookie.
  • 1:00 - 1:04
    So the domain is much more interesting and much more complex.
  • 1:04 - 1:09
    And let's, let's talk about this a little bit so this means that basically, this
  • 1:09 - 1:14
    cookie will not get sent by the browser to the server unless the server's domain
  • 1:14 - 1:21
    is www.reddit.com or basically, ends with www.reddit.com.
  • 1:21 - 1:24
    So, domains that this work for are, for
  • 1:24 - 1:28
    example, www.reddit.com foo.www.reddit.com.
  • 1:28 - 1:33
    Domains that, that will not receive this cookie, would be for
  • 1:33 - 1:36
    example just reddit.com without the ww, or
  • 1:36 - 1:43
    bar.reddit.com because this cookie was restricted to www, so basically,
  • 1:43 - 1:49
    the, the site you're at has to begin, or I mean sorry end with www.reddit.com.
  • 1:49 - 1:54
    You can't set cookies to just .com, you have to have at least two periods.
  • 1:54 - 1:58
    So the minimum domain you can set a cookie for is .reddit.com.
  • 1:58 - 1:59
    If you try to set for
  • 1:59 - 2:03
    just reddit.com, the, that first period will automatically get added.
  • 2:03 - 2:04
    That controls,
  • 2:04 - 2:08
    the domain controls which domain a browser will send the cookie to.
  • 2:08 - 2:11
    What about, you know, can, can I have can I
  • 2:11 - 2:15
    have a web server at reddit.com that sets a cookie for google.com?
  • 2:15 - 2:16
    The answer is, no.
  • 2:16 - 2:20
    Similar to how the domain parameter restricts which domains a browser will
  • 2:20 - 2:25
    send a cookie to, the domain who's serving the request, the, the,
  • 2:25 - 2:27
    basically the domain of the web server, that, of,
  • 2:27 - 2:31
    of the webpage, you may only set a cookie to that domain or higher.
  • 2:31 - 2:36
    So if we're at www.reddit.com the browser will only accept cookies for
  • 2:36 - 2:40
    by default, www.reddit.com if there's no, no domain parameter.
  • 2:40 - 2:42
    If there is a domain parameter,
  • 2:42 - 2:47
    the only valid domains are www.reddit.com or reddit.com.
  • 2:47 - 2:53
    We can't set a cookie for bar.reddit.com or foo.reddit.com.
  • 2:53 - 2:58
    And, and this is to prevent you know, if you have multiple websites,
  • 2:58 - 3:02
    kind of sharing the same top-level domain, you know, halfspot.com for
  • 3:02 - 3:04
    example, you know, you don't, I,
  • 3:04 - 3:09
    I can't see a cookie on, in my app that affects the behavior of your app.
  • 3:09 - 3:15
    I can only set a cookie that get sent with www and with the top level.
  • 3:15 - 3:17
    That's how the domain restrictions work.
  • 3:17 - 3:18
    Let's have a little quiz.
Cím:
Cookie Domains - Web Development
Leírás:

more » « less
Video Language:
English
Team:
Udacity
Projekt:
CS253 - Web Development
Duration:
03:19
Udacity Robot edited Angol subtitles for 12-11 Cookie Domains
Udacity Robot edited Angol subtitles for 12-11 Cookie Domains
Cogi-Admin edited Angol subtitles for 12-11 Cookie Domains

English subtitles

Felülvizsgálatok Compare revisions