先看源码
public class CookieOptions
{
/// <summary>
/// Creates a default cookie with a path of '/'.
/// </summary>
public CookieOptions()
{
Path = "/";
}
/// <summary>
/// Gets or sets the domain to associate the cookie with.
/// </summary>
/// <returns>The domain to associate the cookie with.</returns>
public string Domain { get; set; }
/// <summary>
/// Gets or sets the cookie path.
/// </summary>
/// <returns>The cookie path.</returns>
public string Path { get; set; }
/// <summary>
/// Gets or sets the expiration date and time for the cookie.
/// </summary>
/// <returns>The expiration date and time for the cookie.</returns>
public DateTime? Expires { get; set; }
/// <summary>
/// Gets or sets a value that indicates whether to transmit the cookie using Secure Sockets Layer (SSL)�that is, over HTTPS only.
/// </summary>
/// <returns>true to transmit the cookie only over an SSL connection (HTTPS); otherwise, false.</returns>
public bool Secure { get; set; }
/// <summary>
/// Gets or sets a value that indicates whether a cookie is accessible by client-side script.
/// </summary>
/// <returns>true if a cookie is accessible by client-side script; otherwise, false.</returns>
public bool HttpOnly { get; set; }
}
看一下cnblogs 的一些Cookie 其中 HttpOnly 设置是否可以被JS访问。 Secure 设置 是否只在HTTPs 下传输。
域 设置为 .cnblogs.com 可以与 i.cnblogs.com ; picture.cnblogs.com (如果有)共享Cookie。
浙公网安备 33010602011771号