In the HTTP protocol, a cookie is a small piece of data sent by the server to the client. It is used to store information on the client and send this information in subsequent requests. Return to server. Each cookie has properties that control its behavior and influence its usage. The following are common attributes of cookies:
Name: The identifier of the cookie, used to transfer data between the client and the server.
Value: The value associated with the cookie, which can be any string.
Domain: Specify the domain name that can access the cookie. If not set, it defaults to the domain name of the page that created the cookie.
Path: Specify the path where the cookie can be accessed. If not set, it defaults to the path of the web page that created the cookie.
Expiration time (Expires): Specify the expiration time of the cookie, which is the point in time when the cookie will be automatically deleted. If not set, the cookie is deleted when the user closes the browser.
Security flag (Secure): If this flag is set, it means that the cookie can only be transmitted through an encrypted protocol (such as HTTPS).
HttpOnly flag (HttpOnly): If this flag is set, the cookie can only be transmitted through the HTTP protocol and cannot be accessed through scripting languages such as JavaScript. This helps prevent cross-site scripting attacks (XSS).
In addition to the above attributes, there are some other Cookie attributes, such as SameSite (specifies whether the Cookie should only be sent to websites with the same origin as the website that created the Cookie), etc.
It should be noted that the support level of Cookie attributes varies from browser to browser, and different versions of browsers may support different attributes. When writing web applications, you should take these compatibility issues into consideration and avoid using obsolete or unsupported properties whenever possible.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
