自动登录返回的cookie如何得到 httponly javascript
response header中是
Set-Cookie: sso=r=2009896016&sid=&wsid=FF057B8A38313854B0DC40C8E15B6EF7;Path=/;Domain=tianya.cn;HttpOnly;Max-Age=2592000;Expires=Mon Mar 31 10:04:35 CST 2014
返回的数据是网页,里面有javascript代码设置cookie,生成的cookie和set-cookie里的不一样
这两个哪一个才是真正的cookie
网页运行返回的javascript 为什么没有生成本地的cookie,打开仍然是未登录的状态。返回的数据是html文件如下:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<base href="http://passport.tianya.cn:80/" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="expires" content="0" />
<title>登录中......</title>
<script>
document.cookie='user=w=buddhasson&id=75783140&f=1;expires='+(new Date(new Date().getTime()+2592000*1000)).toGMTString()+';path=/;domain=tianya.cn';
document.cookie='time=st=1j4k0P&ct='+parseInt(new Date().getTime()/1000)+'&et='+(parseInt(new Date().getTime()/1000)+2592000)+';expires='+(new Date(new Date().getTime()+2592000*1000)).toGMTString()+';path=/;domain=tianya.cn';
document.cookie='temp=k=259620719&s=&t=1393639475&b=573999a6c61ec47bc1f102b969c124eb;expires='+(new Date(new Date().getTime()+2592000*1000)).toGMTString()+';path=/;domain=tianya.cn';
document.cookie='right=web4=n&portal=n;expires='+(new Date(new Date().getTime()+2592000*1000)).toGMTString()+';path=/;domain=tianya.cn';
document.cookie='temp4=rm=f04a8ebc4441867413d47440f5faf52e;expires='+(new Date(new Date().getTime()+2592000*1000)).toGMTString()+';path=/;domain=tianya.cn';
</script>
</head>
<body>
<script>
location.href="http://passport.tianya.cn:80/loginbuffer2.jsp?fowardurl=http%3A%2F%2Fbbs.tianya.cn%2Flist-develop-1.shtml&userthird=®Orlogin=%E7%99%BB%E5%BD%95%E4%B8%AD......&cookieTime=1393639475&portalValue=&rightCookie=false&rmCookieCode=f04a8ebc4441867413d47440f5faf52e&isActivatedUser=true&idWriter=75783140&writer=buddhasson&intKey=259620719&chvSysGradeList=null&sysGrade=null&flag=39c05415a243c245a27089c5e15e340f&rmCode=true&rmFlag=1&wsid=FF057B8A38313854B0DC40C8E15B6EF7&r=2009896016";
</script>
</body>
</html>
把这个数据保存为网页运行,仍然没有登录成功,这是为什么