Cookie overview
In the previous section, an immutable framework was used to store shopping column data, while the product display page was constantly changing. Although this can achieve a function of simulating global variables, it is not rigorous. For example, if you right-click within the navigation frame page and click the [Refresh] command in the shortcut menu, all JavaScript variables will be lost. Therefore, to achieve strict cross-page global variables, this method is not feasible. Another mechanism in JavaScript: cookies can meet the requirements of true global variables.
A cookie is a mechanism provided by the browser that provides the cookie attribute of the document object to JavaScript. It can be controlled by JavaScript and is not a property of JavaScript itself. A cookie is a file stored on the user's hard drive. This file usually corresponds to a domain name. When the browser accesses the domain name again, the cookie is made available. Therefore, cookies can span multiple web pages under one domain name, but cannot be used across multiple domain names.
Different browsers implement cookies differently, but their properties are the same. For example, in Windows 2000 and Windows xp, cookie files are stored in the documents and settingsuserNamecookie folder. The usual naming format is: userName@domain.txt.
The cookie mechanism stores information on the user's hard drive, so it can be used as a global variable. This is one of its biggest advantages. It can be used in the following situations.
? Save user login status. For example, the user ID is stored in a cookie so that the user does not need to log in again when he visits the page next time. Many forums and communities now provide this function. Cookies can also set an expiration time. When the time limit expires, the cookie will automatically disappear. Therefore, the system can often prompt users to stay logged in: common options are one month, three months, one year, etc.
? Track user behavior. For example, a weather forecast website can display local weather conditions based on the region selected by the user. If you need to select the location every time, it will be cumbersome. When cookies are used, it will become more user-friendly. The system can remember the area visited last time. When the page is opened next time, it will automatically display the last user. Weather conditions in your area. Because everything is done in the background, such a page is as if it is customized for a certain user and is very convenient to use.
? Customized page. If the website provides the function of changing the skin or changing the layout, cookies can be used to record the user's options, such as background color, resolution, etc. When the user visits next time, the interface style of the last visit can still be saved.
? Create a shopping cart. Just like in the previous example, cookies are used to record the items that the user needs to purchase, and they can be submitted uniformly during checkout. For example, Taobao uses cookies to record the products that users have browsed so that they can be compared at any time.
Of course, the above applications are only some of the applications that cookies can complete, and there are more functions that require global variables. The disadvantages of cookies mainly focus on security and privacy protection. Mainly include the following types:
? Cookies may be disabled. When a user pays great attention to personal privacy protection, he is likely to disable the cookie function of the browser;
? Cookies are related to the browser. This means that even if you visit the same page, cookies saved by different browsers cannot be accessed by each other;
? Cookies may be deleted. Because each cookie is a file on the hard disk, it is likely to be deleted by the user;
? Cookie security is not high enough. All cookies are recorded in files in the form of plain text, so if you want to save username, password and other information, it is best to encrypt it in advance.
Set cookies
Each cookie is a name/value pair. You can assign the following string to document.cookie:
document.cookie="userId=828";
If you want To store multiple name/value pairs at one time, you can use semicolons and spaces (; ) to separate them, for example:
document.cookie="userId=828; userName=hulk";
In the name or value of the cookie Semicolons (;), commas (,), equal signs (=), and spaces cannot be used. It's easy to do this in the name of the cookie, but the value to be saved is undefined. How to store these values? The method is to use the escape() function to encode, which can use hexadecimal representation of some special symbols. For example, spaces will be encoded as "20%", which can be stored in the cookie value, and using this solution can also avoid The emergence of Chinese garbled characters. For example:
document.cookie="str=" escape("I love ajax");
Equivalent to:
document.cookie="str=I love ajax";
When using escape( ) encoding, you need to use unescape() to decode after taking out the value to get the original cookie value, which has been introduced before.
Although document.cookie looks like a property and can be assigned different values.But it is different from general attributes. Changing its assignment does not mean losing the original value. For example, executing the following two statements continuously:
document.cookie="userId=828";
document.cookie= "userName=hulk";
At this time, the browser will maintain two cookies, namely userId and userName, so assigning a value to document.cookie is more like executing a statement like this:
document.addCookie("userId=828 ");
document.addCookie("userName=hulk");
In fact, the browser sets cookies in this way. If you want to change the value of a cookie, you only need to reassign it, for example:
document.cookie="userId=929";
This sets the cookie value named userId to 929.
Get the value of the cookie
The following describes how to get the value of the cookie. The value of the cookie can be obtained directly from document.cookie:
var strCookie=document.cookie;
This will get a string consisting of multiple name/value pairs separated by semicolons. These name/value pairs Includes all cookies under this domain name. For example:
Figure 7.1 shows the output cookie value. It can be seen that you can only obtain all cookie values at once, but you cannot specify the cookie name to obtain the specified value. This is the most troublesome part of processing cookie values. Users must analyze this string themselves to obtain the specified cookie value. For example, to obtain the value of userId, this can be achieved:
In this way, the value of a single cookie is obtained
Using a similar method, you can obtain the value of one or more cookies. The main technique is still the related operations of strings and arrays.
Set expiration date for cookies
Up to now, all cookies are single-session cookies, that is, these cookies will be lost after the browser is closed. In fact, these cookies are only stored in memory, and The corresponding hard disk file is not created.
In actual development, cookies often need to be saved for a long time, such as saving the user's login status. This can be achieved using the following options:
document.cookie="userId=828; expires=GMT_String";
where GMT_String is a time string expressed in GMT format. This statement sets the userId cookie It is the expiration time represented by GMT_String. After this time, the cookie will disappear and become inaccessible. For example: If you want to set a cookie to expire after 10 days, you can do it like this:
Delete cookie
In order to delete a cookie, you can set its expiration time to a time in the past , for example:
Specify the path where the cookie can be accessed
By default, if a cookie is created on a page, other pages in the directory where the page is located can also access the cookie. If there are subdirectories under this directory, you can also access it in the subdirectories. For example, a cookie created in www.xxxx.com/html/a.html can be accessed by www.xxxx.com/html/b.html or www.xxx.com/html/some/c.html, but Cannot be accessed by www.xxxx.com/d.html.
In order to control the directory that cookies can access, you need to use the path parameter to set cookies. The syntax is as follows:
document.cookie="name=value; path=cookieDir";
where cookieDir represents the directory where cookies can be accessed. For example:
document.cookie="userId=320; path=/shop";
means that the current cookie can only be used in the shop directory.
If you want to make cookies available throughout the website, you can specify cookie_dir as the root directory, for example:
document.cookie="userId=320; path=/";
Specify The host name that can access cookies
is similar to the path. The host name refers to different hosts under the same domain. For example: www.google.com and gmail.google.com are two different host names. By default, cookies created in one host cannot be accessed in another host, but they can be controlled through the domain parameter. The syntax format is:
document.cookie="name=value; domain=cookieDomain";
Take google as an example. To achieve cross-host access, you can write:
document.cookie="name=value;domain=.google.com";
In this way, all google Hosts under .com can access this cookie.
Comprehensive example: Constructing a universal cookie processing function
The cookie processing process is relatively complex and has certain similarities. Therefore, several functions can be defined to complete common cookie operations, thereby achieving code reuse. Common cookie operations and their function implementations are listed below.
1. Add a cookie: addCookie(name, value, expireHours)
This function receives 3 parameters: cookie name, cookie value, and how many hours it will expire. It is agreed here that when expireHours is 0, no expiration time is set, that is, the cookie disappears automatically when the browser is closed. The function is implemented as follows:
2. Get the cookie value of the specified name: getCookie(name) <script> <BR><!-- <BR>document.cookie="userId=828"; <BR>document.cookie="userName=hulk"; <BR>var strCookie=document.cookie; <BR>alert(strCookie); <BR>//--> <BR></script>This function returns the cookie value named name. If it does not exist, it returns empty. Its implementation is as follows: <script> <BR><!-- <BR>//设置两个cookie <BR>document.cookie="userId=828"; <BR>document.cookie="userName=hulk"; <BR>//获取cookie字符串 <BR>var strCookie=document.cookie; <BR>//将多cookie切割为多个名/值对 <BR>var arrCookie=strCookie.split("; "); <BR>var userId; <BR>//遍历cookie数组,处理每个cookie对 <BR>for(var i=0;i<arrCookie.length;i++){ <BR> var arr=arrCookie[i].split("="); <BR> //找到名称为userId的cookie,并返回它的值 <BR> if("userId"==arr[0]){ <BR> userId=arr[1]; <BR> break; <BR> } <BR>} <BR>alert(userId); <BR>//--> <BR></script><script> <BR><!-- <BR>//获取当前时间 <BR>var date=new Date(); <BR>var expireDays=10; <BR>//将date设置为10天以后的时间 <BR>date.setTime(date.getTime()+expireDays*24*3600*1000); <BR>//将userId和userName两个cookie设置为10天后过期 <BR>document.cookie="userId=828; userName=hulk; expire="+date.toGMTString(); <BR>//--> <BR></script> <script> <BR><!-- <BR>//获取当前时间 <BR>var date=new Date(); <BR>//将date设置为过去的时间 <BR>date.setTime(date.getTime()-10000); <BR>//将userId这个cookie删除 <BR>document.cookie="userId=828; expire="+date.toGMTString(); <BR>//--> <BR></script>3. Delete the cookie with the specified name: deleteCookie(name) <script> <BR><!-- <BR>function addCookie(name,value,expireHours){ <BR> var cookieString=name+"="+escape(value); <BR> //判断是否设置过期时间 <BR> if(expireHours>0){ <BR> var date=new Date(); <BR> date.setTime(date.getTime+expireHours*3600*1000); <BR> cookieString=cookieString+"; expire="+date.toGMTString(); <BR> } <BR> document.cookie=cookieString; <BR>} <BR>//--> <BR></script>This function can delete the cookie with the specified name. Its implementation is as follows: <script> <BR><!-- <BR>function getCookie(name){ <BR> var strCookie=document.cookie; <BR> var arrCookie=strCookie.split("; "); <BR> for(var i=0;i<arrCookie.length;i++){ <BR> var arr=arrCookie[i].split("="); <BR> if(arr[0]==name)return arr[1]; <BR> } <BR> return ""; <BR>} <BR>//--> <BR></script><script> <BR><!-- <BR>function deleteCookie(name){ <BR> var date=new Date(); <BR> date.setTime(date.getTime()-10000); <BR> document.cookie=name+"=v; expire="+date.toGMTString(); <BR>} <BR>//--> <BR></script>