Discover the location of cookies: Where exactly are they stored?

With the continuous development of Internet technology, it is common for us to browse information, shop, pay and other behaviors on the website. In order to facilitate users to browse the website, the website server will save some data on the user's browser. The next time the user visits the website, the data will be extracted for the server to use. One such mechanism for saving data is cookies. So, where are cookies stored? This article will discuss where cookies are stored and provide some code examples.

1. Cookie storage location

The browser saves cookies on the client side, so the storage location of cookies is determined by the specific browser implementation. Different browsers have different cookie storage locations. In mainstream browsers, the location where cookies are stored is as follows:

• Chrome: cookie information is stored in the %AppData%LocalGoogleChromeUser DataDefaultCookies file on the user's computer;
• Firefox: cookie information Saved in %AppData%RoamingMozillaFirefoxProfilesXXXX.defaultcookies.sqlite on the user's computer;
• Safari: Cookie information is saved in ~/Library/Cookies/cookies.binarycookies on the user's computer;
• Edge: Cookie information is stored in %AppData%LocalMicrosoftEdgeUser DataDefaultCookies;
• Internet Explorer: Cookie information is stored in C:Users usernameAppDataRoamingMicrosoftWindowsCookiesLow, but it has been gradually deprecated in systems after Windows 10.

In short, in most cases, cookie information is saved in local files, not on the remote server.

2. Cookie operation in JavaScript

Below we will introduce how to operate Cookie in JavaScript. Generally speaking, reading, adding, and deleting cookies are based on the document.cookie attribute.

Read the cookie value:

In JavaScript, you can read the cookie by:

function getCookie(name){
  var arr,reg=new RegExp("(^| )"+name+"=([^;]*)(;|$)");
  if(arr=document.cookie.match(reg)){
    return decodeURIComponent(arr[2]);
  }else{
    return null;
  }
}

Use a regular expression to match the name of the cookie you are looking for, and then If a match is found, the value corresponding to the name is returned. It should be noted that since the cookie value may contain non-ASCII characters such as Chinese, it needs to be decoded (using the decodeURIComponent() method).

Add cookies:

In JavaScript, you can add cookies in the following ways:

function setCookie(name,value,duration){
  var exp = new Date();
  exp.setTime(exp.getTime() + duration * 24 * 60 * 60 * 1000);
  document.cookie = name + "=" + encodeURIComponent(value) + ";expires=" + exp.toGMTString() + ";path=/";
}

Among them, name represents the name of the cookie, value represents the value of the cookie, and duration represents The validity period of the cookie (in days). A Date object is used here to calculate the expiration time of the cookie, and then the cookie information is stored in document.cookie.

Delete cookies:

In JavaScript, you can delete cookies in the following ways:

function deleteCookie(name){
  var exp = new Date();
  exp.setTime(exp.getTime() - 1);
  var cval = getCookie(name);
  if(cval != null){
      document.cookie = name + "=" + cval + ";expires=" + exp.toGMTString() + ";path=/";
  }
}

Among them, name represents the name of the cookie. Here, the cookie's expiration time is set to a past time, and then stored in document.cookie.

3. Cookie operations in Node.js

In Node.js, you can use third-party libraries to conveniently operate cookies. Here we take the cookie-parser library as an example to introduce how to add, read, and delete cookies in Node.js.

Install cookie-parser:

Enter the following command in the terminal to install cookie-parser:

npm install cookie-parser

Add cookie:

In Node.js , you can add cookies in the following ways:

const cookieParser = require('cookie-parser');
app.use(cookieParser());
app.get('/setCookie',function(req,res){
  res.cookie('name','value',{maxAge: 900000, httpOnly: true });
  res.send('cookie added');
});

Among them, name represents the name of the cookie, value represents the value of the cookie, and maxAge represents the validity period of the cookie (in milliseconds).

Reading cookies:

In Node.js, you can read cookies in the following ways:

app.get('/getCookie',function(req,res){
  var value=req.cookies.name;
  res.send('cookie value:'+value);
});

Among them, name represents the name of the cookie.

Delete cookies:

In Node.js, you can delete cookies in the following ways:

app.get('/clearCookie',function(req,res){
  res.clearCookie('name');
  res.send('cookie cleared');
});

Among them, name represents the name of the cookie.

4. Conclusion

This article introduces the discussion of cookie storage location and cookie operation methods in JavaScript and Node.js. It should be noted that cookie information is not encrypted, so sensitive data should not be stored directly in cookies, but should be encrypted. In addition, you need to pay attention to the validity period of cookies to avoid security issues caused by expired cookies.

The above is the detailed content of Discover the location of cookies: Where exactly are they stored?. For more information, please follow other related articles on the PHP Chinese website!