Cookie安全属性设计：HttpOnly、Secure与SameSite

YBB 4 阅读 0 评论 0 点赞

Cookie安全属性设计：HttpOnly、Secure与SameSite概览合理的 Cookie 策略能显著降低前端安全风险。本文总结核心属性与域/路径设计原则。技术参数（已验证）HttpOnly：禁止 JS 读取，降低 XSS 窃取风险。Secure：仅在 HTTPS 传输，防止明文泄露。SameSite：控制跨站携带行为，结合 CSRF 防护使用。域/路径：缩小作用域，避免无关页面访问敏感 Cookie。实战清单会话与敏感标识启用 `HttpOnly+Secure`，并合理设置 `SameSite`。精准设置域与路径，避免过宽的共享范围。

点赞(0) 打赏

本文分类：Recovered Channel 1273
本文标签：安全前端 Cookie Cookie HttpOnly Secure SameSite
浏览次数：4 次浏览
发布日期：2026-02-14 03:01:36
本文链接：https://www.ybb.press/recovered-1273/667.html

上一篇 > Cookie 前缀：__Host- 与 __Secure- 安全约束
下一篇 > "COOP 深入：same-origin 隔离与 window.opener 安全"

评论列表共有 0 条评论

暂无评论

发表评论取消回复

微信公众账号

微信扫一扫加关注

发表
评论返回
顶部

基本文件流程错误 SQL 调试

/www/wwwroot/yebinbing/public/index.php ( 0.88 KB )
/www/wwwroot/yebinbing/thinkphp/start.php ( 0.72 KB )
/www/wwwroot/yebinbing/thinkphp/base.php ( 2.60 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Loader.php ( 21.07 KB )
/www/wwwroot/yebinbing/vendor/composer/autoload_static.php ( 10.49 KB )
/www/wwwroot/yebinbing/vendor/symfony/deprecation-contracts/function.php ( 0.98 KB )
/www/wwwroot/yebinbing/vendor/symfony/polyfill-php80/bootstrap.php ( 1.50 KB )
/www/wwwroot/yebinbing/vendor/symfony/polyfill-mbstring/bootstrap.php ( 8.26 KB )
/www/wwwroot/yebinbing/vendor/ralouphie/getallheaders/src/getallheaders.php ( 1.60 KB )
/www/wwwroot/yebinbing/vendor/guzzlehttp/guzzle/src/functions_include.php ( 0.16 KB )
/www/wwwroot/yebinbing/vendor/guzzlehttp/guzzle/src/functions.php ( 5.54 KB )
/www/wwwroot/yebinbing/vendor/symfony/polyfill-php73/bootstrap.php ( 0.99 KB )
/www/wwwroot/yebinbing/vendor/ezyang/htmlpurifier/library/HTMLPurifier.composer.php ( 0.10 KB )
/www/wwwroot/yebinbing/vendor/topthink/think-helper/src/helper.php ( 2.88 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/common.php ( 15.67 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Route.php ( 60.23 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Config.php ( 6.38 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Hook.php ( 4.71 KB )
/www/wwwroot/yebinbing/vendor/overtrue/wechat/src/Kernel/Support/Helpers.php ( 2.54 KB )
/www/wwwroot/yebinbing/vendor/overtrue/wechat/src/Kernel/Helpers.php ( 1.89 KB )
/www/wwwroot/yebinbing/vendor/topthink/think-captcha/src/helper.php ( 1.94 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Validate.php ( 42.78 KB )
/www/wwwroot/yebinbing/vendor/topthink/think-queue/src/common.php ( 1.19 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Console.php ( 23.13 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Error.php ( 3.75 KB )
/www/wwwroot/yebinbing/thinkphp/convention.php ( 10.37 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/App.php ( 21.58 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Request.php ( 49.78 KB )
/www/wwwroot/yebinbing/application/config.php ( 11.96 KB )
/www/wwwroot/yebinbing/application/database.php ( 2.25 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Env.php ( 1.21 KB )
/www/wwwroot/yebinbing/application/extra/addons.php ( 1.20 KB )
/www/wwwroot/yebinbing/application/extra/apibbj.php ( 0.86 KB )
/www/wwwroot/yebinbing/application/extra/queue.php ( 0.55 KB )
/www/wwwroot/yebinbing/application/extra/site.php ( 0.89 KB )
/www/wwwroot/yebinbing/application/extra/upload.php ( 1.05 KB )
/www/wwwroot/yebinbing/application/tags.php ( 1.23 KB )
/www/wwwroot/yebinbing/application/common.php ( 15.57 KB )
/www/wwwroot/yebinbing/thinkphp/helper.php ( 17.30 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Debug.php ( 7.13 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Log.php ( 6.05 KB )
/www/wwwroot/yebinbing/addons/cms/Cms.php ( 6.48 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/Addons.php ( 7.64 KB )
/www/wwwroot/yebinbing/addons/signin/Signin.php ( 2.24 KB )
/www/wwwroot/yebinbing/addons/cropper/Cropper.php ( 0.65 KB )
/www/wwwroot/yebinbing/addons/nkeditor/Nkeditor.php ( 1.35 KB )
/www/wwwroot/yebinbing/addons/prism/Prism.php ( 2.04 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Cache.php ( 6.10 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/cache/driver/File.php ( 7.27 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/cache/Driver.php ( 5.98 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/View.php ( 6.77 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/view/driver/Think.php ( 5.64 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Template.php ( 44.92 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/template/driver/File.php ( 2.24 KB )
/www/wwwroot/yebinbing/addons/cms/config.php ( 28.18 KB )
/www/wwwroot/yebinbing/application/common/behavior/Common.php ( 3.02 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Lang.php ( 7.42 KB )
/www/wwwroot/yebinbing/thinkphp/lang/zh-cn.php ( 11.81 KB )
/www/wwwroot/yebinbing/application/route.php ( 1.08 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/addons/Route.php ( 3.35 KB )
/www/wwwroot/yebinbing/application/common/lang/zh-cn/addon.php ( 6.09 KB )
/www/wwwroot/yebinbing/extend/fast/Form.php ( 39.79 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/config/driver/Ini.php ( 0.83 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Url.php ( 12.72 KB )
/www/wwwroot/yebinbing/addons/cms/controller/Archives.php ( 5.85 KB )
/www/wwwroot/yebinbing/addons/cms/controller/Base.php ( 3.75 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/addons/Controller.php ( 7.08 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Controller.php ( 6.07 KB )
/www/wwwroot/yebinbing/thinkphp/library/traits/controller/Jump.php ( 4.92 KB )
/www/wwwroot/yebinbing/addons/cms/lang/zh-cn.php ( 5.58 KB )
/www/wwwroot/yebinbing/application/common/library/Auth.php ( 15.50 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Cookie.php ( 8.17 KB )
/www/wwwroot/yebinbing/application/common/model/Config.php ( 6.71 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Model.php ( 69.55 KB )
/www/wwwroot/yebinbing/addons/cms/library/Service.php ( 28.97 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Db.php ( 6.67 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/connector/Mysql.php ( 3.89 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Connection.php ( 29.97 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Query.php ( 93.80 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/builder/Mysql.php ( 4.53 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Builder.php ( 31.81 KB )
/www/wwwroot/yebinbing/addons/cms/model/Archives.php ( 22.89 KB )
/www/wwwroot/yebinbing/thinkphp/library/traits/model/SoftDelete.php ( 4.86 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/relation/BelongsTo.php ( 7.75 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/relation/OneToOne.php ( 10.03 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/Relation.php ( 3.61 KB )
/www/wwwroot/yebinbing/addons/cms/model/Channel.php ( 19.14 KB )
/www/wwwroot/yebinbing/addons/cms/model/Modelx.php ( 1.97 KB )
/www/wwwroot/yebinbing/addons/cms/model/Fields.php ( 3.46 KB )
/www/wwwroot/yebinbing/addons/cms/model/SpiderLog.php ( 1.75 KB )
/www/wwwroot/yebinbing/addons/cms/model/Tag.php ( 6.98 KB )
/www/wwwroot/yebinbing/addons/cms/model/Autolink.php ( 0.57 KB )
/www/wwwroot/yebinbing/application/common/model/User.php ( 4.22 KB )
/www/wwwroot/yebinbing/runtime/temp/388d6f0b5bff3196cdb77891cfa4196c.php ( 32.66 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Session.php ( 10.86 KB )
/www/wwwroot/yebinbing/extend/fast/Tree.php ( 15.55 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/Collection.php ( 2.27 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Collection.php ( 11.10 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Expression.php ( 1.11 KB )
/www/wwwroot/yebinbing/addons/cms/model/Comment.php ( 9.37 KB )
/www/wwwroot/yebinbing/addons/cms/library/Bootstrap.php ( 5.49 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Paginator.php ( 9.94 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Response.php ( 8.28 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/debug/Html.php ( 4.17 KB )

[ BEHAVIOR ] Run Closure @app_init [ RunTime:0.000091s ]
[ CACHE ] INIT File
[ BEHAVIOR ] Run \addons\cms\Cms @app_init [ RunTime:0.009451s ]
[ BEHAVIOR ] Run Closure @app_init [ RunTime:0.009603s ]
[ BEHAVIOR ] Run app\common\behavior\Common @app_init [ RunTime:0.001541s ]
[ LANG ] /www/wwwroot/yebinbing/thinkphp/lang/zh-cn.php
[ BEHAVIOR ] Run app\common\behavior\Common @app_dispatch [ RunTime:0.000120s ]
[ ROUTE ] array ( 'type' => 'method', 'method' => array ( 0 => '\\think\\addons\\Route', 1 => 'execute', ), 'var' => array ( 'addon' => 'cms', 'controller' => 'archives', 'action' => 'index', ), )
[ HEADER ] array ( 'cf-visitor' => '{"scheme":"https"}', 'cf-ipcountry' => 'US', 'cf-connecting-ip' => '216.73.216.35', 'cdn-loop' => 'cloudflare; loops=1', 'user-agent' => 'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])', 'accept-encoding' => 'gzip, br', 'accept' => '*/*', 'cf-ray' => '9cee6e3c7d96984a-CMH', 'connection' => 'close', 'remote-host' => '104.23.243.207', 'x-forwarded-port' => '80', 'x-forwarded-host' => 'ybb.press', 'x-forwarded-proto' => 'http', 'x-forwarded-for' => '216.73.216.35, 104.23.243.207', 'x-real-port' => '14169', 'x-real-ip' => '104.23.243.207', 'host' => 'ybb.ybb.press', 'content-length' => '', 'content-type' => '', )
[ PARAM ] array ( 'catename' => 'recovered-1273', 'id' => '667', )
[ RUN ] think\addons\Route->execute[ /www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/addons/Route.php ]
[ LANG ] /www/wwwroot/yebinbing/public/../application/common/lang/zh-cn/addon.php
[ BEHAVIOR ] Run app\common\behavior\Common @addon_begin [ RunTime:0.004623s ]
[ LANG ] /www/wwwroot/yebinbing/addons/cms/lang/zh-cn.php
[ DB ] INIT mysql
[ VIEW ] /www/wwwroot/yebinbing/addons/cms/view/default/show_news.html [ array ( 0 => 'config', 1 => 'user', 2 => 'site', 3 => '__CHANNEL__', 4 => 'isWechat', 5 => '__ARCHIVES__', 6 => '__MODEL__', ) ]
[ SESSION ] INIT array ( 'id' => '', 'var_session_id' => '', 'prefix' => 'think', 'type' => '', 'auto_start' => true, )
[ BEHAVIOR ] Run \addons\cms\Cms @view_filter [ RunTime:0.000308s ]

1.725270s

ShowPageTrace