COOKIE translation: Biscuits
Translated session: Meetings
As we all know, http is stateless, then use the major site, you already know how it landed?
In fact, here we use a technology, is COOKIE. COOKIE fact, there is some local browser does not exceed 4KB small text data by a name (Name), a value (Value) and several other Cookie is valid for control, security, the use of optional attributes.
Baidu Encyclopedia: https://baike.baidu.com/item/cookie/1119?fr=aladdin
Description: http request in the process will send a request header and request body, and the request header, contains COOKIE sent to the server, upon receiving the request, according to the needs of fetching data from among COOKIE, then the service processing, Finally, return to the web front end.
So, here, we can know, the reason we landed after some web sites, landing sites know our state, it is because COOKIE can carry data access server, let the server know our current login status.
Of course, the state recorded just landed an application scenario, COOKIE there are other applications, such as saving some data that way, such as account passwords, whether to remember the password, and so on.
At a time when the question is, if the local store passwords for some scenes of high security lines, such as online banking and so on, we do not have local passwords and other sensitive information, so we need the presence server information.
session arises, session is stored on the server and technically need to do is to every request corresponds to a session_id, then passed to the client session_id COOKIE by the client at the next visit, COOKIE carrying session_id submitted,
By querying a server name (Name) session_id corresponding to a value (the Value), to get the required data, then performs service processing, and returns to the client.
Using the syntax:
COOKIE settings
response.set_cookie(key, value,[args])
response is the response object Httpresponse render redirect response generated
Related parameters:
-
key: key value of the cookie
-
value: value value of the cookie
-
max_age: timeout is retained in the browser cache in how much time the unit is s an example: 10s
-
expires: If the value applied to the input max_age similar number represents a few days, particularly if the input time of day representative of the format of the failure 2019-9-12
-
path / representatives into full force, / aa / aa represents only take effect in the domain where the
-
domain: The domain that the cookie only apply to a domain name
-
secure: for encrypting data inside cookies, flase default protocol is http, https protocol to encrypt ture
-
httponly: true representatives can not be used by JS js get cookie cookies we can get at f12 in obtaining input document.cookie
COOKIE read:
request.COOKIE.GET(key)
COOKIE deleted:
response.delete_cookie('key')
del request.COOKIES[key]
session:
Setting, modifying
request.session [ 'key'] = ' value'
获取
request.session.get('key')
Remove
request.session.clear () # value is emptied
request.session.flush () # key and value with emptying
del makes request.session [ 'Key'] # delete the specified data
request.session.set_expiry ( 'value') # set the expiration time