Understanding Cookies and Sessions in HTTP

Disclaimer: This is an original article by the blogger, licensed under the CC 4.0 BY-SA agreement. When reproducing it, please attach a link to the original source and this statement.
Original link: https://blog.csdn.net/u013251692/article/details/78058696

Q: Why use Cookie and Session

  • Because HTTP is a stateless protocol, a server that needs to keep a record of user state must use some mechanism to identify a specific user; the Session ID was created to label and distinguish users

A session between client and server can be simply divided into the following 3 steps:

  1. The user enters their account name and password in the client to log in
  2. The server "remembers" you, automatically generates a Session ID, and sends it to the client inside a Cookie
  3. When the client interacts with the server again, it sends the Cookie containing the Session ID it received earlier, so that the server can validate the client

Q: Session features

  • The Session is stored on the server side
  • It records your login status, account number, password and so on, but it is generally not stored in the database, because
    a Session is short-lived, generally lasting only 20 or 30 minutes, and its contents are usually values that the client user needs to change constantly, so it does not make sense to save them in the database.
  • A copy of the Session ID is also saved locally in a Cookie. Every interaction between client and server is identified and distinguished by the Session ID

Q: Cookie features

  • The Cookie is stored on the user's side
  • If you set an expiration time, the browser saves the cookie to your hard drive; after the browser is closed and opened again, the cookie remains valid until the set expiration time has passed
  • If you do not set an expiration time, the cookie's life cycle is the browsing session: as soon as the browser window is closed, the cookie disappears. This kind of cookie is typically stored in memory
  • Components: name, value, expiration time, path and domain

Q: Must a Session rely on Cookies?

  • No. When Cookies are disabled in the browser, URL rewriting can be used to implement the Session; the principle is to rewrite the URL so that it carries the user's Session id. The server parses the rewritten URL to obtain the Session id. So even if the client does not support Cookies, a Session can still be used to record the user's state.
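
The three steps above, the Session lifetime and the URL-rewriting fallback can be put together in one small server-side sketch. This is an added example, not code from the original article; the cookie name `SESSIONID`, the query parameter `sessionid`, and the in-memory dictionary used as the session store are assumptions made for illustration.

```python
import secrets, time
from http.cookies import SimpleCookie
from urllib.parse import urlsplit, parse_qs

IDLE_TIMEOUT = 30 * 60      # seconds; the 30-minute Session lifetime mentioned above
COOKIE_NAME = "SESSIONID"   # assumed cookie name, not from the article
URL_PARAM = "sessionid"     # assumed query parameter used for URL rewriting
_sessions = {}              # server-side store: Session ID -> state

def login(user, now=None):
    """Step 2: create server-side state and build the Set-Cookie value."""
    now = time.time() if now is None else now
    sid = secrets.token_urlsafe(32)           # random ID that cannot be guessed
    _sessions[sid] = {"user": user, "last_seen": now}
    cookie = SimpleCookie()
    cookie[COOKIE_NAME] = sid
    cookie[COOKIE_NAME]["path"] = "/"
    cookie[COOKIE_NAME]["httponly"] = True    # not readable from page scripts
    cookie[COOKIE_NAME]["secure"] = True      # only sent over HTTPS
    cookie[COOKIE_NAME]["samesite"] = "Lax"
    # No expiration time is set, so the browser keeps this cookie in memory only.
    return sid, cookie[COOKIE_NAME].OutputString()

def extract_sid(cookie_header, url):
    """Step 3: take the ID from the Cookie header, else from a rewritten URL."""
    if cookie_header:
        jar = SimpleCookie()
        jar.load(cookie_header)
        if COOKIE_NAME in jar:
            return jar[COOKIE_NAME].value
    # URL fallback: IDs in URLs also land in logs, history and Referer headers,
    # so the cookie is preferred whenever the client sends one.
    values = parse_qs(urlsplit(url).query).get(URL_PARAM)
    return values[0] if values else None

def current_user(cookie_header, url, now=None):
    """Return the logged-in user, or None if the ID is unknown or aged out."""
    now = time.time() if now is None else now
    sid = extract_sid(cookie_header, url)
    session = _sessions.get(sid) if sid else None
    if session is None:
        return None
    if now - session["last_seen"] > IDLE_TIMEOUT:
        del _sessions[sid]                    # expired: drop server-side state
        return None
    session["last_seen"] = now                # each request renews the lifetime
    return session["user"]
```

Only the random ID travels to the client; the user's state stays in the server-side store and is deleted once the idle timeout passes.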
