我在Firefox中注意到在查看Cookie时我保存的值是加密的。 CakePHP Book指出默认情况下write()上的值已加密。我的假设是它们会在read()上自动解密。我似乎无法在文档中找到任何陷阱。
其他人遇到过这个问题?我确定我错过了一些东西..设置的值是一个整数是否重要?
我已相应地为Cookie组件设置了密钥。
$this->Cookie->key = 'qs#$XOw!';
答案 0 :(得分:3)
如果安装了Suhosin安全补丁,由于某种原因解密根本不起作用。引荐问题和可能的解决方法:http://groups.google.com/group/cake-php/browse_thread/thread/7e6cda2e03a7c54/b685c58394d86f50?lnk=gst&q=decrypt+cookie#b685c58394d86f50
答案 1 :(得分:0)
在CakePHP 2.2版中更改
添加了'rijndael'加密类型。这解决了我的问题。
http://book.cakephp.org/2.0/en/core-libraries/components/cookie.html
<强>历史:
http://cakephp.lighthouseapp.com/projects/42648/tickets/471-securitycipher-function-cannot-decrypt
<强>测试
class AppController extends Controller {
function beforeFilter()
{
// Using "rijndael" encryption because the default "cipher" type of encryption fails to decrypt when PHP has the Suhosin patch installed.
// See: http://cakephp.lighthouseapp.com/projects/42648/tickets/471-securitycipher-function-cannot-decrypt
$this->Cookie->type('rijndael');
// When using "rijndael" encryption the "key" value must be longer than 32 bytes.
$this->Cookie->key = 'qSI2423424ASadsadasd2131242334SasdadAWQEAv!@*(XSL#$%)asGb$@11~_+!@#HKis~#^';
// Works
$result = $this->Cookie->read('Test.rijndael');
var_dump($result);
$this->Cookie->write('Test.rijndael', 'foo');
// Fails
$this->Cookie->type('cipher');
$result = $this->Cookie->read('Test.cipher');
var_dump($result);
$this->Cookie->write('Test.cipher', 'foo');
}
}