Give the clients a pass, one for each person, whoever visits must bring their own pass. In this way, the server can confirm the identity of the client from the pass. This is how cookies work.
Cookies can be banned by users
. Cookies will save the state on the browser side, which is not safe. For sensitive data that needs to be encrypted before using Cookies to save
Cookies can only save a small amount of data, about 4kb or so
the number of
cookies is limited. Cookies can only save strings, and cannot put Chinese strings
Different browsers have different viewing methods; take the Chrome browser as an example, click the icon in front of the URL to view the cookie information, such as:
or right-click to check the element.
Example:
Requirements:
1) Run TestCookieServlet and save the username and pwd information to the Cookie And return to the client.
2) Run GetCookieServlet again to get the Cookie and display it
TestCookieServlet:
// 创建cookie对象
Cookie username=new Cookie("username","Alice");
Cookie pwd=new Cookie("pwd","abc123");
// 将Cookie保存到响应中
response.addCookie(username);
response.addCookie(pwd);
Visit TestCookieServlet in the browser, http://localhost:8080/chapter04/TestCookieServlet;
you can see that locahost saves two cookie information to the client:
GetCookieServlet:
// 获取当前请求中的所有Cookie对象
Cookie[] cookies=request.getCookies();
// 输出所有Cookie的名字和值
if(cookies==null){
out.println("没有Cookie。");
return;
}
for(Cookie c:cookies){
out.println(c.getName()+"="+c.getValue());
}
4. Set cookie lifetime
Modify TestCookieServlet
// 创建cookie对象
Cookie username=new Cookie("username","Alice");
Cookie pwd=new Cookie("pwd","abc123");
// 设置cookie的生命时间,24小时内有效
username.setMaxAge(24*3600);
pwd.setMaxAge(24*3600);
// 将Cookie保存到响应中
response.addCookie(username);
response.addCookie(pwd);
Run TestCookieServlet first to ensure that the cookie information is saved to the client;
then run GetCookieServlet to obtain the cookie and display it;
after adjusting the time to 24 hours, visit GetCookieServlet again, and find that the cookie no longer exists.
If the setMaxAge method is not used to set the cookie with the maximum life time If the browser is closed, it will become invalid;
5. To solve the problem of the Chinese encoding of the
cookie, the value of the cookie can only be ASCII characters; Chinese needs to be converted into ASCII code form; use
URLEncoder.encode() method and URLDecoder.decode() method to achieve.
EncodeServlet:
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
//编码
String username = URLEncoder.encode("李想", "utf-8");
String country = URLEncoder.encode("中国", "utf-8");
//创建cookie
Cookie cookie1 = new Cookie("username", username);
Cookie cookie2 = new Cookie("country", country);
//添加响应的cookie
response.addCookie(cookie1);
response.addCookie(cookie2);
}
DecodeServlet
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
Cookie[] cookies = request.getCookies();
if(cookies!=null){
for(Cookie cookie:cookies){
String name = URLDecoder.decode(cookie.getName(), "utf-8");
String value = URLDecoder.decode(cookie.getValue(), "utf-8");
out.println(name+":");
out.println(value+"<br/>");
}
}
else{
out.println("<h4>没有 cookies</h4>");
}
out.close();
}
Visit encodeCookie, view the response data packet
Visit decodeCookie, view page output
