Cookie details, ASP. NET core knowledge (7), cookieasp.net
Stateless http protocol
1. Review http protocol
The Http protocol is request-responsive and responds only when requested. It is stateless and does not remember what happened between the previous request and the webpage ".
Black Rabbit elaborated on the characteristics of http in the previous three blog posts. Interested children's shoes can vomit.
Previous Article:
Core Knowledge about Http and ASP. NET (2)
Write a simple browser, ASP. NET core knowledge (3)
Write a simple web server, ASP. NET core knowledge (4)
2.Cases and drawbacks
After talking about the features of the http protocol, let's take a simple example to bring us into conflict.
Html: <form action = "IncLabel. ashx "method =" post "> <input type =" text "name =" I "value =" @ I "/> <input type =" submit "name =" btn1" /> </form> ashx: int I = 0; if (! String. isNullOrEmpty (context. request ["btn1"]) {I = Convert. toInt32 (context. request ["I"]); I ++;} string html = HtmlFileLoader. load ("~ /IncLabel.html "); html = html. replace ("@ I", I. toString (); context. response. write (html); in this case, html sends a request like ashx. No matter how many times you click the submit button, only 1 is displayed on the page. Rather than continuing to grow.
The Http protocol does not remember what happened to the previous webpage ". The server does not remember what it gave to the browser last time, otherwise the pressure on the server will be too high. Each request arrives at asp.net, a new HttpHandler object is created for processing.
However, this is often the case in real development. How can this problem be solved?
3. How to proceedTransfer and save status?
How do I save the status between servers and browsers? I have two answers here.
1) record the information in the policy on the page
Save the status information to the page form before the browser responds. The status information will be included when the next page sends a request to the server, in this way, the server can restore the last state based on the state information, similar to the medical records. If you think this form object is not suitable, set this input to hidden.
This is the webform method, which is very convenient to use, but html will be very bloated.
2) uses the Cookie, Session, and other state storage mechanisms
After talking about this, let's start with the question: Cookie
Recognize cookies
1. Cookie storage location
Cookies are stored on the browser. For websites with cookies configured,
The browser sends the Cookie information of the local machine to the server through the http request message.
The server sets the Cookie. And return the Response Message to the browser.
2. Read and set cookies
Page for setting values:
Response. SetCookie (new HttpCookie ("UserName", username ));
Page for reading values:
String username = Request. Cookies ["UserName"]. Value;
3.Cookie expiration time
// AddDays of DateTime is to add 20 days based on this DateTime, and return the new DateTime object.
// If the Expires timeout is not set, the Cookie becomes invalid after the browser is closed.
// If Expires is set, even if the browser is closed, the browser can be accessed again unless it Expires.
Cookie. Expires = DateTime. Now. AddDays (20 );
Context. Response. SetCookie (cookie );
It is worth noting that the Expires settings are similar to the expiration date. Instead of a one-month warranty period. You know what I mean!
4.Key-Value Pair Storage
New HttpCookie ("UserName", username ). // Needless to say
In fact, there are also value-included key-value pairs. I will write them later, but I have never used them.
Cookie Path Problems
1.Path
Path indicates the directory where the cookie is located,
A) The default value is "/".
The default value of asp.net is/, which is the root directory. If you want the entire domain name to be accessible, set Path to "/".
B) null
If Path is empty, only the page in the directory where the current page is located can be read, but not any subfolders.
C) elaborate on path issues
The directory on the same server is as follows:/web/path1/,/web/path2/
2.Domain
Domain indicates the domain where the cookie is located (domain name)
1) Default
The default address is the request address. If it is www.baidu.com/test/test.aspx, then domain?is www.baidu.com.
However, the cookie of the default domain cannot be accessed across domains. For example, teiba.baidu.com cannot access cookies.
2) Cross-domain
If you want all the subdomain names of a site to access a cookie.
For example, tieba.baidu.com and www.baidu.com.
Set domain".Baidu.com".
Ps: the browser saves cookies with the same domain and path in one file, and the cookies are separated.
3. Key-value pairs
The cookie format containing multiple child key-value pairs is name = key1 = value1 & key2 = value2.
It can be understood that the value of a single key-Value Pair saves a custom multi-key string, where the key-Value Pair Delimiter is &, of course, you can define a separator, however, asp.net is used as the separator.
Cookie Defects
1. Small and insecure information
Too much information cannot be stored, and confidential information cannot be stored (do not store information that you do not want to see or cannot be tampered with by users in cookies ).
2. It may be clear
Cookie: It can be cleared, and data that cannot be lost cannot be stored in the Cookie. It may have expired before Expires.
3. cross-browser is not allowed
Cookies cannot be used across different browsers. the browser's "privacy mode/trumpet mode ".
Session in this article
Put the connection in one hour. We look forward to your thumbs up.