Cookie authentication and cross-domain

Let me briefly talk about the Request and Response objects:

Request: When a client sends a request to a web application using a web browser, the client sends the client information to the server. The server receives an HTTP request, including all query string parameters or form parameters, cookie data, and browser information.

The Request object mainly allows the server to obtain data from the client browser, including parameters passed from an HTML form using the POST or GET method, cookies, and user authentication information. Because the Request object is a member of the Page object, it can be used directly in the program without any declaration.

 

Response: Encapsulates the web server's response to the client request; it is used to manipulate the HTTP response information and return the result to the requester. Both Request and Response have many properties and methods. At the beginner stage, only the Redirect and Write methods of the Response object and the Form and QueryString collections of the Request object are used.

The Response object is used to output data to the client, including writing data to the browser, redirecting the browser to another URL, or sending a cookie to the browser.

1. A cookie is a small piece of text (up to 4 KB) that is saved on the client. When the client requests the server and the server needs to record the user's state, it uses the response to issue a cookie to the client browser, which can save it. When the browser requests the website again, it submits the cookie together with the requested URL. The server checks the cookie to identify the user's state, and can also modify the contents of the cookie as needed.

2. Cookie-related attributes

3. Simple authentication through cookies

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

namespace 权限验证.Controllers
{
    public class HomeController : Controller
    {
        public ActionResult Index()
        {
            ViewBag.Title = "Home Page";
            // Simulate login
            //if (Request.Form["Type"].ToString() == "1")
            Login();
            return View();
        }

        // Returns the value of the UserInfo cookie, or a prompt if it is not set
        public string GetCookie()
        {
            var cookie = Request.Cookies["UserInfo"];
            if (cookie != null)
            {
                return $"{cookie.Value}";
            }
            return "Please log in first";
        }

        public void Login()
        {
            // Most browsers support cookie data of around 4 KB
            string userName = Request.Form["UserName"];
            string passward = Request.Form["Passward"];

            if (userName == "hnzheng" && passward == "123")
            {
                // Creation method 1
                {
                    HttpCookie httpCookie = new HttpCookie("UserInfo");
                    // The value could be MD5-hashed here.
                    // Note: this demo places the password itself in the cookie, where it is
                    // readable on the client; an unsalted MD5 of a password is not a safeguard
                    // either. Real applications should store an opaque, server-validated token.
                    httpCookie.Value = $"{userName}|{passward}";
                    httpCookie.Domain = "localhost";
                    httpCookie.Expires = DateTime.Now.AddDays(1); // Set the expiration time
                    Response.Cookies.Add(httpCookie);
                }
                // Creation method 2
                {
                    //Response.Cookies["UserInfo"]["Name"] = userName;
                    //Response.Cookies["UserInfo"]["Passward"] = passward;
                    //Response.Cookies["UserInfo"].Expires = DateTime.Now.AddDays(1);
                }
            }
            else
            {
                Response.Write("Username or password is wrong");
            }
        }

        public string LoginOut()
        {
            var s = Request.Cookies["UserInfo"];
            if (s != null)
            {
                // This line is required: a cookie is invalidated by sending it again with an
                // expiry in the past; removing it from the collection does not delete it
                s.Expires = DateTime.Now.AddDays(-30);
                Response.Cookies.Add(s);
                // The following method does not work
                //Response.Cookies.Remove("UserInfo");
            }

            return "Exit Successful";
        }
    }
}
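A hardened alternative to the `userName|passward` cookie value used above, as an added example that is not part of the original post: the cookie carries only the user name and an expiry, protected by an HMAC so that the server can detect tampering. The `CookieToken` class, its method names and the key handling are assumptions made for this illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper, not from the original post: the cookie value becomes
// "user|expiryTicks|hmac", so no password ever reaches the browser.
public static class CookieToken
{
    public static string Create(string userName, DateTime expiresUtc, byte[] key)
    {
        // EscapeDataString also escapes '|', so the separator stays unambiguous.
        string payload = Uri.EscapeDataString(userName) + "|" + expiresUtc.Ticks;
        return payload + "|" + Sign(payload, key);
    }

    // Returns the user name, or null when the value was altered or has expired.
    public static string Validate(string cookieValue, DateTime nowUtc, byte[] key)
    {
        string[] parts = (cookieValue ?? "").Split('|');
        if (parts.Length != 3) return null;
        // Check the signature before trusting any field.
        if (!SameText(Sign(parts[0] + "|" + parts[1], key), parts[2])) return null;
        long ticks;
        if (!long.TryParse(parts[1], out ticks) || nowUtc.Ticks > ticks) return null;
        return Uri.UnescapeDataString(parts[0]);
    }

    private static string Sign(string payload, byte[] key)
    {
        using (var hmac = new HMACSHA256(key))
            return BitConverter.ToString(hmac.ComputeHash(Encoding.UTF8.GetBytes(payload))).Replace("-", "");
    }

    // Comparison that does not stop at the first differing character.
    private static bool SameText(string a, string b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    public static void Main()
    {
        byte[] key = new byte[32];                        // constructed demo key
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(key);
        string value = Create("hnzheng", DateTime.UtcNow.AddDays(1), key);
        Console.WriteLine(Validate(value, DateTime.UtcNow, key));             // genuine value
        Console.WriteLine(Validate(value.Replace("hnzheng", "admin"), DateTime.UtcNow, key) == null);
        Console.WriteLine(Validate(value, DateTime.UtcNow.AddDays(2), key) == null); // expired
    }
}
```

In the Login action the result of `CookieToken.Create` would be assigned to `httpCookie.Value`, with `httpCookie.HttpOnly = true` and `httpCookie.Secure = true` set on the same cookie. The key must be a server-side secret that never appears in the page or the cookie.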

Front end:

4. Browser cross-domain issues: cookies are not shared between different domains, just as two strangers do not share their money. This problem can be solved with the cookie's Domain attribute. With parent and child domains, all child domains can use a cookie set for the parent domain.

Consider the following example:

Main site: www.study.com

Site a: a.study.com

Site b: b.study.com

Site c: c.study.com

The cookies of the above three websites are not shared with each other, so the domain of the main site's cookie can be set to ".study.com" so that all of them can use it.

Set the cookie at the main site:

(1) To let the three sub-sites A, B and C access the same main-site cookie, set the cookie as follows at the main site:

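    // "Name" and Value are placeholders for the cookie name and the string to store
    HttpCookie tokenCookie = new HttpCookie("Name");
    tokenCookie.Values.Add("Value", Value);
    tokenCookie.Domain = ".study.com"; // Sent to study.com and every sub-domain of it
    tokenCookie.Path = "/";
    tokenCookie.Expires = DateTime.Now.AddDays(365);
    Response.AppendCookie(tokenCookie);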

(2) Clear the cookie at a sub-site:

    HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies["CookieName"];
    if (cookie != null)
    {
        cookie.Expires = System.DateTime.Now.AddDays(-1); // Set expired
        // Set the main domain name; this is the key step. It must be the same Domain
        // the cookie was set with (".study.com" in this example).
        cookie.Domain = ".study.com";
        Response.Cookies.Add(cookie); // Apply the cookie settings
    }

After the above three steps, cross-domain access and clearing have been resolved. Any of sites A, B and C can access the cookie of the main site. At the same time, once any of sites A, B and C has cleared the cookie, the cookie that the other sites get is no longer valid.
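Why a cookie with Domain ".study.com" reaches every sub-site, and why a sub-site can only set or expire a cookie for a domain it belongs to, follows from the browser's domain-matching rule (RFC 6265). The sketch below is an added example, not code from the original post; `CookieScope` is a hypothetical helper, the extra host names are constructed, and the public-suffix check that browsers also apply is left out.

```csharp
using System;
using System.Net;

// Hypothetical helper illustrating RFC 6265 domain matching for the study.com example.
public static class CookieScope
{
    // True when a cookie whose Domain attribute is cookieDomain is sent to requestHost.
    // The same test decides whether requestHost is allowed to set or expire that cookie.
    public static bool DomainMatches(string requestHost, string cookieDomain)
    {
        string host = requestHost.ToLowerInvariant();
        // A leading dot in the Domain attribute is ignored by the browser.
        string domain = cookieDomain.TrimStart('.').ToLowerInvariant();
        if (domain.Length == 0) return false;
        if (host == domain) return true;
        // The suffix must start at a label boundary, and IP addresses never suffix-match.
        IPAddress ip;
        return host.EndsWith("." + domain, StringComparison.Ordinal)
               && !IPAddress.TryParse(host, out ip);
    }

    public static void Main()
    {
        // Constructed host names: the page's sites plus two look-alikes.
        string[] hosts =
        {
            "www.study.com", "a.study.com", "b.study.com", "c.study.com",
            "study.com", "notstudy.com", "study.com.example"
        };
        foreach (string h in hosts)
            Console.WriteLine("{0,-20} receives the .study.com cookie: {1}",
                              h, DomainMatches(h, ".study.com"));

        // A sub-site may expire the shared cookie only under a matching Domain.
        Console.WriteLine("a.study.com may use Domain=.study.com:    {0}",
                          DomainMatches("a.study.com", ".study.com"));
        Console.WriteLine("a.study.com may use Domain=.passport.com: {0}",
                          DomainMatches("a.study.com", ".passport.com"));
    }
}
```

Because every host under study.com matches, any one of those sites can read, overwrite or expire the shared cookie, so the parent-domain scope should be reserved for values that all sub-sites are trusted to handle.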

 


Origin www.cnblogs.com/hnzheng/p/12731789.html