1. Introduction to Cookie Session Tracking Technology
Session tracking is a technique commonly used in web programs to track a user's entire session. Commonly used session tracking technologies are cookies and sessions. Cookies determine user identity by recording information on the client side, and can save temporary data on the client side.
Since the birth of cookie technology, it has become a focus of debate among the vast number of Internet users and Web developers. Some Internet users, including some senior Web experts, are also dissatisfied with its generation and promotion. This is not because the function of Cookie technology is too weak or other technical performance reasons, but because the use of Cookie has an impact on Internet users. Privacy constitutes a hazard. Because a cookie is a small text file stored on a user's browser by a web server, it contains information about the user.
Cookie technology comes from the rapid development of HTTP protocol on the Internet. With the deep development of the Internet, limitations such as bandwidth do not exist, and people need to maintain an active state with the server when they need more complex Internet interactions. Therefore, in the early stage of browser development, in order to meet the needs of users, various means of maintaining the state of Web browsing were technically introduced, including Cookie technology. In 1993, Netscape employee Lou Montulli invented the widely used cookie in order to allow users to further improve the access speed when visiting a website, and also to further realize the personalization of the network.
A cookie is a way that a server or script can maintain information on a client's workstation under the HTTP protocol. A cookie is a small text file stored on a user's browser (client) by a web server and can contain information about the user. Web sites can access cookie information whenever a user connects to the server.
Currently some cookies are temporary and some are persistent. Temporary cookies are only stored on the browser for a specified period of time. Once the specified period of time is exceeded, the cookie will be cleared by the system. Persistent cookies are stored in the user's cookie file and can still be called the next time the user returns. When cookies are stored in cookie files, some users worry that the user information in cookies will be stolen by some people with ulterior motives, which will cause certain damage. In fact, users outside the website cannot access cookie information across the website. Blocking cookies because of this concern will surely deny access to many site pages. Because, there are many Web site developers using Cookie technology today, such as the use of Session object is inseparable from the support of Cookie.
Session tracking technology is a technology used to maintain client-side and server-side communication information, and cookies are one of these session tracking technologies;
A cookie is a way for a server or script to maintain client information under the http protocol;
Cookies are stored on the client, usually in the browser's temporary cookie folder, and can be deleted manually;
When a user accesses the server, the server can set and access cookie information;
Cookies are transmitted by using the HTTP header information in the web page code, and each web page request of the browser can be transmitted with the cookie.
2. Cookie mechanism
In programs, session tracking is a very important thing. In theory, all request operations of one user should belong to the same session, and all request operations of another user should belong to another session. The two should not be confused. For example, any product purchased by user A in the supermarket should be placed in A's shopping cart. No matter when user A purchased it, it belongs to the same session and cannot be placed in user B's or user C's shopping cart. , which do not belong to the same session.
Web applications, on the other hand, use the HTTP protocol to transfer data. The HTTP protocol is a stateless protocol. Once the data exchange is completed, the connection between the client and the server is closed, and a new connection needs to be established to exchange data again. This means that the server cannot track the session from the connection. That is, when user A buys a product and puts it into the shopping cart, the server cannot determine whether the purchase belongs to the session of user A or the session of user B when the product is purchased again. To keep track of this session, a mechanism must be introduced.
Since HTTP is a stateless protocol, the server has no way of knowing the identity of the client from the network connection alone. How to do it? Just issue a pass to the clients, one for each person, and whoever visits must bring their own pass. This allows the server to verify the client's identity from the passport. This is how cookies work.
A cookie is actually a small piece of textual information. The client requests the server, and if the server needs to record the user status, it uses the response to issue a cookie to the client browser. The client browser will save the cookie. When the browser requests the website again, the browser submits the requested URL to the server together with the cookie. The server checks the cookie to identify the user's status. The server can also modify the content of the cookie as needed.
A cookie is a small TXT file placed by the website server on the client (Client End, which is your computer) when you browse the web. This file stores some things related to the website you visit. When you visit this website next time, the cookie will remember some status or settings of your last visit, so that the server can send the page in a targeted manner. related content. The information contained in the cookie does not have a standard format, and the specifications of each website server may be different, but generally include: the domain name of the website visited, the time when the visit started, the visitor's IP address and other client information , some settings of the visitor about this website, etc. For example, if you set information such as several search results to be displayed on a Google page, even if you do not log in to your Google account, it can be saved the next time you visit. The effect of entering cookies. If it is an online shopping site, it also records some information such as your shopping cart, storage rack, and your account name. In addition, some websites will record your login account and password through cookies, so that the next time you open your browser, you will be automatically logged in.
Of course, if you open the TXT file of the cookie in the system folder, you will not see this information but only a string of random characters, because for security reasons, the content of the cookie is generally encrypted, and only the corresponding server to understand. In addition, since cookies are only TXT files, not programs, let alone viruses, they cannot run by themselves, will not affect the operating system and any other computer programs, and will not spread through the Internet, so they do not actually pose a threat to Internet security. .
For website analysis, the role of cookies is to help website analysis tools such as embedded codes record the information of website visits (Visit) and visitors (Unique Visitor), and relevant monitoring cannot be achieved without cookies. The software that analyzes the website through the server-side Log does not need cookies to achieve relevant analysis, so cookies are only valid for tools such as embed codes. Those tools you are familiar with - Google Analytics, Omniture, HBX, WebTrends (embedded code version), etc., all require cookies to be placed on the computer of website visitors to achieve monitoring.
3. How cookies are used
In Java, we use document.cookie: get/set cookie
The format is: name=value;[expires=expiration time];[path=access path];[domain=domain name];[secure]
如: document.cookie = "username=zhangsan";
4. Application scenarios of cookies
4.1 Automatic login
4.2 E-commerce shopping cart function
4.3 Record the number of times the user logs in to the URL
4.4 Commodity browsing records
5. E-commerce shopping cart case
Implement shopping cart functionality locally in the browser.
In the product details interface, we can click the add to shopping cart button to add the product to the shopping cart. The product data added to the shopping cart is actually saved in the cookie. The product details page is as follows:
After adding multiple items to the shopping cart, we can go to My Shopping Cart to view the items in the shopping cart. We obtain these item data from cookies, as shown in the following figure:
After the shopping cart items are displayed, we can continue to operate on each item in the shopping cart, such as increase or decrease in quantity, item deletion, price statistics, batch deletion, select all operations, etc. As shown in the figure below, items can be deleted. At the same time, we will also make synchronous changes to the data in the cookie.
Source: Qianfeng HTML5