Cookie
- Cookie is a technique for the server to notify the client to save key-value pairs
- After the client has a cookie, each request is sent to the server
- The size of each cookie does not exceed 4kb
Note that the
cookie value does not contain spaces, square brackets, parentheses, equal signs, commas, double quotes, slashes, question marks, at signs, colons and semicolons. Null values behave differently on all browsers. Need to use BASE64 encoding.
Cookie life control
setMaxAge()
- A positive number, which means it expires after the specified number of seconds
- A negative number means that the cookie will be deleted as soon as the browser is closed
- Zero, means delete immediately
CookiePath attribute
Cookie path attribute can effectively filter those sent to the server and those not sent.
The path attribute is effective to filter by the requested address
CookieA path=/project path
CookieB path=/project path/abc
The request address is as follows:
http://ip:port/project path/a.html
CookieA sends
CookieB does not send
http://ip:port/project path/abc/a.html
CookieA sends
CookieB sends
Session
- Session is an interface
- Session is a session, it is a technology used to maintain a client and server
- Each client has its own session technology
- In the Session session, we often use to save the information after the user logs in
Get Session
request.getSession()
The first call is:
After the Session() is created , the calls are: Get the Session() session object
created before isNew(): Determine whether it is just created (new)
each The session has an ID number. That is, the ID value. And this ID is unique. getID() gets the session id value of Session.
Session life control
getMaxInactiveInternal() to get the timeout of Session
The default timeout duration of the session can be configured in the tomcat server.
Note
Every time you click the browser, the session time will be reset, and the session will not be destroyed if you keep refreshing the page.
invalidate() Let the current Session expire immediately.
Note After
closing the browser, the JESSIONID will be destroyed locally, so the Session will become invalid after closing the browser.
Case
Three cases of repeated
submission of the form One: After submitting the form. The server uses request redirection to perform page redirection. At this time, the user presses the function key F5 to initiate the last request. Cause the form to submit the problem repeatedly. Solution: Use redirection to jump.
Two: The user submits the server normally, but due to network delays and other reasons, the server has not received the corresponding amount. At this time, the user thinks that the submission has failed, and will be anxious, and then clicks a few more submission operations. It will also cause repeated submissions of the form.
Three: The user submits the server normally. The server did not delay, but after the submission was completed, the user returned to the browser. repeated submit. It will also cause the form to be resubmitted to
solve the
situation. The first situation uses the redirect technology. The
situation two and three use the verification code to solve