You are developing a web application and want to use cookies. Your domain is \"m

Question

You are developing a web application and want to use cookies. Your domain is "myapp.com", and you use several subdomains as well, such as "products.myapp.com" and "directory.myapp.com"

What attributes would you set in the set-Cookies response header to specify that:

The cookie should only be valid for one week.

The cookie should only be used via an SSL - encrypted channel.

That a cookie received from "directory.myapp.com" will be valid for "myapp.com" as well.

Note: You don't need give the specific values of the attributes or craft the entire headers(s). Just list the name(s) of the header(s) and attributes. Also specify which attribute(s) apply to each of the specifications above.

Explanation / Answer

The Set-Cookie HTTP response header is used to send cookies from the server to the user agent in web application.
Syntax : Set-Cookie: <cookie-name>=<cookie-value>;

?Here listing the name(s) of the header(s) and attributes for above requirement

Header : name : attributes
Set-Cookie: <Domain>=<domain-value>;
Set-Cookie: <Max-Age>=<non-zero-digit>;
Set-Cookie: Secure;

Multiple directives are also possible, for example:
Set-Cookie: <cookie-name>=<cookie-value>; Domain=<domain-value>; <Max-Age>=<non-zero-digit>; Secure;

Below specifying which attribute(s) apply to each of the specifications above.

Related Questions

Navigate

• Browse (All)
• Browse Y
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.