问题
Laravel 框架内,因为安全的原因考虑,默认对所有 cookie 进行加密存储。
有些时候,你想设置一个 Cookie 是不加密的,例如想用来跟 JS 交互,JS 可以直接读取到明文,可是以下面的代码设置后:
Cookie::queue('cookie_for_js', 'can you read me?', 99999999);
得到的却是这个:
解决方案
添加到 App\Http\Middleware\EncryptCookies
的 排除名单
中:
<?phpnamespace App\Http\Middleware;use Illuminate\Cookie\Middleware\EncryptCookies as BaseEncrypter;class EncryptCookies extends BaseEncrypter{ /** * The names of the cookies that should not be encrypted. * * @var array */ protected $except = [ 'cookie_for_js', ];}
即可。
去除 HTTP ONLY
对了,如果要给 JS 读取的话,要把 cookie 的 http only
属性去掉,请使用以下代码:
Cookie::queue('cookie_for_js', 'can you read me?', $minutes = 99999999, $path = null, $domain = null, $secure = false, $httpOnly = false);
Practice makes perfect.