@GetMapping("/setCookie")
public ResponseMode<JSONObject> setCookie(HttpServletResponse response){
//create a cookie
Cookie cookie = new Cookie("username","qimh");
//expires in 7 days
cookie.setMaxAge(7 * 24 * 60 * 60);
//安全cookie是僅經過加密的HTTPS鏈接發送到服務器的cookie。 安全cookie沒法經過未加密的HTTP鏈接傳輸到服務器。
//cookie.setSecure(false);
//HttpOnly cookie用於防止跨站點腳本(XSS)攻擊,沒法經過JavaScript的Document.cookie API訪問。 當爲cookie設置HttpOnly標誌時,它告訴瀏覽器該服務器應該只訪問該特定cookie
cookie.setHttpOnly(true);
cookie.setPath("/");
//add cookie to response
response.addCookie(cookie);
JSONObject jsonObject = new JSONObject();
jsonObject.put("token1","123456");
return ResponseMode.success(jsonObject);
}
參考鏈接:https://baijiahao.baidu.com/s?id=1640555035422789161&wfr=spider&for=pcjava