1. When a lot of people unified network access server, how to distinguish between different users?
A: sessionid, sessionid ensure that the browser and the server uniqueness communications document number, session stored on the server, sessionid stored in the client browser, the server as a unique key value to find the corresponding According sessionid browser transmitted to user, so that the sessionid used to distinguish the uniqueness and query user information, sessionid role of self-evident.
2. We often say that after the browser is closed session will be cleared by the life cycle of that session it?
A: Yes, this is the server's configuration, the browser is closed just sessionid to clear, so this opens a browser and request the service, your login status can not be found, so you need to log in again. Under normal circumstances, if the browser does not refresh or re-request, the server will cache the session data is generally about 20 minutes.
3.cookie will be cached, sessionid stored in a cookie, sessionid will be clear what?
Not necessarily, this requires a server cookie is set, but overall, due to security reasons, it is best not to cache sessionid: A
need to preserve it when 4.cookie sessionid save user state?
A: No, you can save user_id or other token
5.cookie is how to send to the server?
A: Use http request header, browser package, but in general the network programming may be added
as
GET / HTTP/1.1
Host: www.guancha.cn
Connection: keep-alive
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Cookie: pgv_pvi=9956446208; pbm_total_match_cookie_281589=1; has_js=1; Hm_lvt_8ab18ec6e3ee89210917ef2c8572b30e=1414852570,1414879794,1414884316,1414901793; Hm_lpvt_8ab18ec6e3ee89210917ef2c8572b30e=1414901793
6. Examples of the above is not sessionid it?
A: Yes, no, just a sessionid lieu of that, the variable name can be changed, such as the use phpsessionid in php,
in java web in JSESSIONID
7. There sessionid before logging in, you need to re-set after logging in it?
A: depending on the case, if the high security requirements, you can regenerate a sessionid,
the other must be destroyed before sessionid
how to generate after 8.sessionid sent to the browser?
A: By default, the server mounts a response message to indicate the set-Cookie SessionID browser to update, need not manually update
such as:
HTTP/1.x 200 OK
X-Powered-By: PHP/5.2.1
Set-Cookie: TestCookie=something from somewhere; path=/
Expires: Thu, 19 Nov 2007 18:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html
Reproduced in: https: //my.oschina.net/artong999/blog/3058561