Cookie and Session: Clearing Up the Difference

Session tracking is a common technique in web applications for following a user's whole conversation with the site. The common session-tracking technologies are Cookie and Session. A Cookie determines the user's identity from information recorded on the client; a Session determines it from information recorded on the server.

Cookie mechanism

Cookie technology is the client-side solution. A cookie is a special piece of information that the server sends to the client. It is stored on the client as a text file, and the client then includes it in every request it sends to the server.

1. The client sends an HTTP request to the server.
2. The server sends an HTTP response to the client, containing a Set-Cookie header.
3. The client sends an HTTP request to the server, containing a Cookie header.
4. The server sends an HTTP response to the client.

Session mechanism

In addition to cookies, web applications frequently use Session to record client state. Session is a mechanism that records client state on the server. It is simpler to use than Cookie, but it correspondingly increases the storage pressure on the server. Session technology is the server-side solution: the state is maintained by the server.

What is a Cookie

The word "cookie" literally means a small biscuit. It is a mechanism proposed by the W3C and first developed by the Netscape community. Cookie is now a standard, and all mainstream browsers such as IE, Netscape, Firefox and Opera support it.

Since HTTP is a stateless protocol, the server cannot tell a client's identity from the network connection alone. What can be done? Issue each client a pass, one per person, and require whoever visits to bring their own pass. The server can then confirm the client's identity from the pass. This is the working principle of Cookie.

A cookie is actually a short piece of text. When a client makes a request and the server needs to record that user's state, the server issues a cookie to the client browser in its response. The client browser saves the cookie. When the browser requests that site again, it submits the cookie to the server along with the requested URL. The server checks the cookie to identify the user's state. The server can also modify the contents of the cookie as needed.

What is Session

Session is another mechanism for recording client state. The difference is that a cookie is stored in the client browser, while a session is saved on the server. When the client browser accesses the server, the server records the client's information on the server in some form. This is the Session. When the client browser visits again, the server only needs to look up that client's state in the Session.

If the Cookie mechanism determines a client's identity by checking the "pass" the client carries, then the Session mechanism confirms the client's identity by checking a "customer list" kept on the server. A session is equivalent to a customer file that the program creates on the server; when a customer visits, the server only needs to look the customer up in that file.

Differences between Cookie and Session

1. Cookie data is stored in the client's browser; session data is stored on the server.
2. Cookies are not very secure: other people can analyze the cookies stored locally and forge them (cookie spoofing). Where security matters, use a session.
3. A session is kept on the server for a certain period of time. As the number of visits grows, sessions take up more of the server's resources. To reduce the load on the server, use cookies.
4. A single cookie on the client is limited to 3K; that is, the cookies a site stores on the client cannot exceed 3K.

Although Cookie and Session belong to the client and the server respectively, the server's session implementation depends on the client's cookie. As mentioned above, when the server runs the session mechanism it generates an id value for the session and sends that id to the client. The client puts this id into the HTTP request header on every request to the server. The client has to keep the id somewhere, and the container it keeps it in is the cookie. So when cookies are completely disabled in the browser, the server's session will not work properly.
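
The two points above (a cookie that carries the identity itself can be forged, and a session still depends on a cookie to carry its id) can be seen side by side in the following sketch. It is an added example, not code from the original post; the cookie names `SESSIONID` and `user`, the in-memory `SESSIONS` store and the function names are assumptions made for illustration.

```python
import secrets
from http.cookies import SimpleCookie

# Server-side "customer list": session id -> state (assumed in-memory store)
SESSIONS = {}

def login(user):
    """Create a server-side session; return the Set-Cookie header value."""
    sid = secrets.token_urlsafe(32)          # unguessable random id
    SESSIONS[sid] = {"user": user}           # the state never leaves the server
    c = SimpleCookie()
    c["SESSIONID"] = sid
    c["SESSIONID"]["path"] = "/"
    c["SESSIONID"]["httponly"] = True        # not readable from page scripts
    c["SESSIONID"]["secure"] = True          # only sent over HTTPS
    c["SESSIONID"]["samesite"] = "Lax"
    return c["SESSIONID"].OutputString()

def _cookie(cookie_header, name):
    """Return the value of one cookie from a Cookie request header."""
    c = SimpleCookie()
    c.load(cookie_header or "")
    return c[name].value if name in c else None

def user_from_session(cookie_header):
    """Session design: the cookie holds only an id, checked against the server."""
    state = SESSIONS.get(_cookie(cookie_header, "SESSIONID"))
    return state["user"] if state else None

def user_from_cookie(cookie_header):
    """Cookie-only design: trusts whatever identity the client sends."""
    return _cookie(cookie_header, "user")

if __name__ == "__main__":
    set_cookie = login("alice")
    print("Set-Cookie:", set_cookie)
    sent_back = set_cookie.split(";")[0]     # what the browser returns as Cookie
    print(user_from_session(sent_back))              # alice
    print(user_from_session("SESSIONID=made-up"))    # None: id not on the server
    print(user_from_session(""))                     # None: cookies disabled
    print(user_from_cookie("user=admin"))            # admin: edited value accepted
```

In the session design a client-edited cookie only produces an id the server does not know, while the cookie-only design accepts any value the client writes; with no cookie at all, the session lookup has nothing to match, which is the dependency described above.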




Reproduced from: https://juejin.im/post/5d0b24616fb9a07edc0b5c64

Origin blog.csdn.net/weixin_34273481/article/details/93178004