Difference and connection between cookie and session mechanism

Others 2022-04-28 08:32:32 views: 0

Session and cookie connection:

       The cookie mechanism adopts the scheme of maintaining state on the client side, while the session mechanism adopts the scheme of maintaining state on the server side. At the same time, we also see that since the server-side state-keeping scheme also needs to save an identity on the client side, the session mechanism may need to rely on the cookie mechanism to achieve the purpose of saving the identity, but in fact it has other options.

 

cookie mechanism:

        The content of the cookie mainly includes: name, value, expiration time, path and domain.

        The path, together with the domain, constitutes the scope of the cookie.

        If the expiration time is not set, it means that the lifetime of the cookie is during the browser session. When the browser window is closed, the cookie disappears. Such cookies with a lifetime of the browser session are called session cookies . Session cookies are generally not stored on hard disk but in memory.

 

session mechanism:

         The session mechanism is a server-side mechanism. The server uses a structure similar to a hash table (or possibly a hash table) to store information.

          When creating a session for a client's request, the server first checks whether the client's request already contains a session identifier (called session id). The session is retrieved and used according to the session id (if it cannot be retrieved, a new one will be created). If the client request does not contain a session id, a session will be created for the client and a session id associated with this session will be generated. This The session id will be returned to the client for saving in this response.

 

What happens when the browser disables cookies?

 

           sun helped us figure it out, so it provides 2 methods to make things easier: response.encodeURL() and response.encodeRedirectURL(). These two methods will determine whether the cookie is available. If it is disabled, the jsessionid in the url will be parsed and connected to the specified url. If the jessionid is not found, it will automatically generate one for us.

           Before calling HttpServletResponse.sendRedirect, you should call the encodeRedirectURL() method, otherwise the Session information may be lost. The usage of these two methods is as follows: response.sendRedirect(response.encodeURL("/myapp/input.jsp"));. If cookies are not disabled, the address we see in the browser address bar is this: /myapp/input.jsp, if cookies are disabled, we see: /myapp/input.jsp;jsessionid=73E6B2470C91A433A6698C7681FD44F4. so,

 

 

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=326207228&siteId=291194637
Recommended
Rich text editor Quill 2.0 is released, with greatly improved features, reliability and developer experience
Ranking
The bootstrap table export function is invalid and an error is reported Uncaught INVALID_CHARACTER_ERR: DOM Exception 5 and the problem of exporting Chinese garbled characters
The application could not be installed: INSTALL_FAILED_SHARED_USER_INCOMPATIBLE
Fools Modeling-Simulated Annealing Algorithm
Web-based live chat one on one swoole
타사 플랫폼, 서버 노트
Precautions for local.properties developed by android studio
Talking about data structure - reprint
thinkphp5 installation
Bit plane layering of images
Summary of the process of creating a Windows installer with Inno Setup
Daily
More
2024-04-17(31)
2024-04-16(23)
2024-04-15(5)
2024-04-14(0)
2024-04-13(18)
2024-04-12(5)
2024-04-11(0)
2024-04-10(1)
2024-04-09(0)
2024-04-08(1)

Code World

© 2018 codetd.com