相同域名不同端口的两个应用，cookie名字、路径都相同的情况下，会覆盖吗

2023-02-08 08:02:51

首先答案是：

会的。

本地测试流程：

两个相同的应用，代码完全相同；只是部署在两个不同的tomcat；域名都是localhost

应用A：部署在http://localhost:8087/

应用B：部署在http://localhost:8089/

在intelj idea中很简单，建立两个不同的运行配置即可：

步骤1：清空所有cookie

步骤2、在8087发送请求，用chrome开发工具查看

可以看到，生成了cookie。

用我的cookie扩展（名字叫editThisCookie），可以看到该cookie貌似没有区分端口号。

步骤3、在8089上测试一下

结论：可以看到，在请求8089端口的应用时，把8087应用返回的cookie带过去了，所以标题的答案就是：

同域名情况下，cookie同名同路径的话，会被覆盖（路径不同是否会覆盖没测试，有兴趣的同学自己测下）

参考资料
http://blog.csdn.net/wangjun5159/article/details/52399497

附项目文件如下：

web.xml

<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"

         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee

         http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"

         version="3.1">

    <welcome-file-list>

        <welcome-file>login.jsp</welcome-file>

    </welcome-file-list>

    <!-- 登录过滤器 -->

    <filter>

        <filter-name>sessionFilter</filter-name>

        <filter-class>SessionFilter</filter-class>

    </filter>

    <filter-mapping>

        <filter-name>sessionFilter</filter-name>

        <url-pattern>*</url-pattern>

    </filter-mapping>

</web-app>

import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.*;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import javax.servlet.http.HttpSession;

import java.io.IOException;

/**

 * Email: caokunliang@sgrcr.com

 * Date: 2017/4/6

 * desc:登录页面不进该filter

 */

public class SessionFilter extends OncePerRequestFilter {

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {

        String uri = httpServletRequest.getRequestURI();

        System.out.println(uri);

        if (uri.contains("login.jsp") || uri.contains("index.jsp") || uri.contains("session")){

            filterChain.doFilter(httpServletRequest,httpServletResponse);

            return;

        }

        HttpSession session = httpServletRequest.getSession(false);

        if (session == null){

            //第一次访问，没带sessionid;下面的操作会默认创建一个session空间，并写cookie：jsessionid

            session = httpServletRequest.getSession(true);

        }else {

            //不是第一次访问的话，已经有session空间了

            System.out.println(session.getAttribute("SESSION"));

        }

        //判断session空间中有没有登录标识

        Boolean isLogin = (Boolean) session.getAttribute("isLogin");

        if (isLogin != null && isLogin.equals(Boolean.TRUE)){

            filterChain.doFilter(httpServletRequest,httpServletResponse);

        }else {

            //未登录

            httpServletResponse.sendRedirect("/login.jsp");

        }

    }

}

servlet:

import javax.servlet.ServletException;

import javax.servlet.annotation.WebServlet;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import javax.servlet.http.HttpSession;

import java.io.IOException;

// tag::class[]

@WebServlet("/session")

public class SessionServlet extends HttpServlet {

    @Override

    protected void doPost(HttpServletRequest req, HttpServletResponse resp)

            throws ServletException, IOException {

        String attributeName = req.getParameter("attributeName");

        String attributeValue = req.getParameter("attributeValue");

        HttpSession session = req.getSession(false);

        if (session == null){

            session = req.getSession(true);

        }

        System.out.println("SessionServlet" + session.getAttribute("SESSION"));

        if (attributeName.equals("ckl") && attributeValue.equals("123456")){

            session.setAttribute("isLogin", Boolean.valueOf(true));

            resp.sendRedirect(req.getContextPath() + "/index.jsp");

        }else {

            resp.sendRedirect(req.getContextPath() + "/login.jsp");

        }

    }

    private static final long serialVersionUID = 2878267318695777395L;

}

index.jsp

<!DOCTYPE html>

<html lang="en">

<title>Session Attributes</title>

<style type="text/css">

    body {

        padding: 1em;

    }

</style>

<head></head>

<body>

    <div class="container">

        <h1>Description</h1>

        <p>index.jsp</p>

        <h1>Try it</h1>

        <div>登录成功后主页</div>

        <hr/>

        <table class="table table-striped">

            <thead>

            <tr>

                <th>Attribute Name</th>

                <th>Attribute Value</th>

            </tr>

            </thead>

            <tbody>

            </tbody>

        </table>

    </div>

</body>

</html>

<!DOCTYPE html>

<html lang="en">

<title>Session Attributes</title>

<style type="text/css">

    body {

        padding: 1em;

    }

</style>

<head></head>

<body>

    <div class="container">

        <h1>Description</h1>

        <p>login.jsp</p>

        <h1>Try it</h1>

        <form class="form-inline" role="form" action="./session" method="post">

            <label for="attributeName">name</label>

            <input id="attributeName" type="text" name="attributeName"/>

            <label for="attributeValue">password</label>

            <input id="attributeValue" type="text" name="attributeValue"/>

            <input type="submit" value="Set Attribute"/>

        </form>

        <hr/>

        <table class="table table-striped">

            <thead>

            <tr>

                <th>name</th>

                <th>password</th>

            </tr>

            </thead>

            <tbody>

            </tbody>

        </table>

    </div>

</body>

</html>

码农公寓

相关文章