@GetMapping("/setCookie")
public ResponseMode<JSONObject> setCookie(HttpServletResponse response) {
    // create a cookie
    Cookie cookie = new Cookie("username", "qimh");
    // expires in 7 days
    cookie.setMaxAge(7 * 24 * 60 * 60);
    // A secure cookie is sent to the server only over an encrypted HTTPS connection.
    // It cannot be transmitted to the server over an unencrypted HTTP connection.
    //cookie.setSecure(false);
    // HttpOnly cookies help prevent cross-site scripting (XSS) attacks: they cannot be
    // read through JavaScript's Document.cookie API. Setting the HttpOnly flag tells the
    // browser that only the server should access this particular cookie.
    cookie.setHttpOnly(true);
    cookie.setPath("/");
    // add cookie to response
    response.addCookie(cookie);
    JSONObject jsonObject = new JSONObject();
    jsonObject.put("token1", "123456");
    return ResponseMode.success(jsonObject);
}
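To check what the two flags in the comments above look like on the wire, the following added example (not part of the original page) audits Set-Cookie header values for the Secure and HttpOnly attributes. The class name SetCookieAudit, the method audit and the sample header strings are assumptions constructed for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;

// Added example: audits a Set-Cookie header value for the Secure and HttpOnly attributes.
public class SetCookieAudit {

    /** Returns the findings for one Set-Cookie header value (empty list = both flags present). */
    static List<String> audit(String setCookieValue) {
        boolean secure = false;
        boolean httpOnly = false;
        String[] parts = setCookieValue.split(";");
        // parts[0] is name=value; the attributes follow and are case-insensitive.
        for (int i = 1; i < parts.length; i++) {
            String attr = parts[i].trim().toLowerCase(Locale.ROOT);
            if (attr.equals("secure")) secure = true;
            if (attr.equals("httponly")) httpOnly = true;
        }
        String name = parts[0].split("=", 2)[0].trim();
        List<String> findings = new ArrayList<>();
        if (!secure) findings.add(name + ": no Secure attribute, the browser will also send it over plain HTTP");
        if (!httpOnly) findings.add(name + ": no HttpOnly attribute, readable through document.cookie");
        return findings;
    }

    public static void main(String[] args) {
        // Constructed sample headers, not captured from a real server.
        String[] samples = {
            // Shape of the cookie the handler above sets: HttpOnly on, setSecure commented out.
            "username=qimh; Max-Age=604800; Path=/; HttpOnly",
            // The same cookie with cookie.setSecure(true) enabled.
            "username=qimh; Max-Age=604800; Path=/; Secure; HttpOnly",
            // Neither flag set.
            "username=qimh; Max-Age=604800; Path=/"
        };
        for (String header : samples) {
            List<String> findings = audit(header);
            System.out.println(header);
            if (findings.isEmpty()) {
                System.out.println("  OK");
            }
            for (String finding : findings) {
                System.out.println("  " + finding);
            }
        }
    }
}
```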
Reference link: https://baijiahao.baidu.com/s?id=1640555035422789161&wfr=spider&for=pcjava