The following is a detailed introduction to the differences between session, cookie, and token, as follows:
1. The difference between session and cookie:
· Data storage locations are different: session data is stored in the server, and cookie data is stored in the browser.
Different degrees of security: it is not very safe to store cookies on the server, but it is relatively safe to store sessions on the server.
· The performance usage is different: the session is placed on the server, and the increased access will occupy the performance of the server; considering the reduction of server performance, cookies should be used.
· The data storage size is different: the data saved by a single cookie cannot exceed 4K, and the session is stored on the server side, depending on the size of the server.
2. The difference between token and session:
The token is defined by development, and the session is defined by the http protocol;
The token is not necessarily stored, and the session is stored in the server;
· Tokens can cross domains, but sessions cannot. They are bound to domain names.
