When the browser accesses the server, the server sends some data to the browser in the form of a Set-cookie message header. The browser will save the data. When the browser accesses the server again, the data is sent to the server in the form of a cookie message header.
2. Create a cookie
New Cookie (String name,string value); Response.addcookie (cookie);
The name of the cookie cannot be duplicated, similar to the map collection, and is substituted when there is a duplicate name.
3. Query cookies
// If there is no cookie, NULL is returned. cookie[] cookies == = Cookie.getvalue ();
4. The encoding problem when the cookie is saved
The value of the cookie just can be an ASCII character, and if it is Chinese, it needs to be converted into ASCII characters. This conversion can be done using the Urlencoder.encode () method and the Urldecoder.decode () method.
5. Save time for Cookies
Cookie.setmaxage (int seconds);//Unit is seconds
? Seconds > 0
The browser saves the cookie as a file on the hard disk. After a specified time has passed, the file is deleted.
? Seconds < 0
Default, the browser stores the cookie in memory. Just will not be deleted until the browser is closed.
? seconds = 0
Delete the Cookie now
6. Delete Cookies
For example, delete a cookie with the name "username".
Cookie C = new Cookie ("username", "");
C.setmaxage (0);
Cookie.setpath (Request.getcontextpath ());//path
Response.addcookie (c);
7. Restrictions on Cookies
? Cookies can prohibit
? The size of the cookie is limited (around 4k)
? There is also a limit on the number of cookies (the browser can store about 300)
? The value of the cookie just can be a string, consider the encoding problem.
? Cookies are not secure
8. Path Problem of cookies
When a browser sends a request to an address on the server, it compares the path of the cookie to the path of the access (address) to match, and the just has a matching cookie before it is sent.
The path to the cookie can be set by using the Cookie.setpath (String path) method. If there is no setting, there is a default path, and the default path is the path of the component that generated the cookie.
For example:/appname/addcookie saves a cookie, the path to the cookie is/appname/addcookie.
Rules:
The path to the cookie must be the upper directory of the path to be accessed, and the browser will not send the cookie to the server until the path is equal. You can typically set SetPath ("/appname"), which means that all addresses that are accessed under the app are sent
How does the server identify a particular customer? This time the cookie is on the scene. Each time the HTTP request is sent, the client sends the appropriate cookie information to the server. In fact, most of the applications are using cookies to achieve session tracking, the first time the session is created, the server will be in the HTTP protocol to tell the client, you need to record a session ID in the cookie, each request to send this session ID to the servers , I know who you are, note that the first request, there is no Cookie in the request header, the response header will be set-cookie. On the first request, the set-cookie:session in the response header takes advantage of the cookie implementation mechanism: Someone asked, what if the client's browser disables cookies? In this case, a technique called URL rewriting is used for session tracking, that is, each HTTP interaction, after which a parameter such as Jsessionid is appended to the URL, and the server identifies the user accordingly.<a href= "<%=response.encodeurl (" getsession.jsp ")%>" > Jump to the page that gets the session </a>
Cookies can also be used in a number of user-friendly scenarios, imagine that you have landed a website, the next time you log in and do not want to enter the account again, how to do? This information can be written into the cookie, visit the site, the Site page script can read this information, automatically help you to fill out the user name, to facilitate the user. This is also the origin of the name of the cookie, to the user a little sweetness. Session is inserver-side SaveA data structure that can be used to keep track of a user's state, which is stored in a cluster, database, or file;
Cookie isClient SaveA mechanism of user information, used to record some information of the user, is also a way to implement the session. Cookies Sent:<% Cookie c = new Cookie ("name", "Gareen");//Key value pair c.setmaxage (60*60*24);//valid for 24 hours, local persistence C.setpath (" 127.0.0.1 ");//path represents the hostname of the server, and only the browser accesses the server through this hostname, the cookie is submitted to the service side Response.addcookie (c);//Send generated cookie%> <a href= "getcookie.jsp" > Jump to the page to get cookies </a>
Note the problem with path:
Path represents the directory where the cookie resides. "/" means the root directory, and all pages have access to the cookie under the root directory. If the path of the cookie is test, then only the pages and code of the test directory or subdirectories under test will get this cookie.
such as Http://localhost:8080/Web02/test
The path value of the URL is set directly to the cookie when the path value is end with "/"
When the path value of the URL does not end with "/", see if there is a "/" in the path
Example: Http://localhost:8080/Web02/test/testServlet
If there is a "/", simply intercept the last "/" and set the path value of the cookie.
If there is no "/", set the path of the cookie to "/".
Cookie Read
cookie[] cookies = request.getcookies (); if (cookie = null) for (int i=0;i<cookies.length;i++) { response.getwriter (). Print (Cookies[i].getname () + ":" +cookies[i].getvalue ()); }
Cookie deletion
Cookie C = new Cookie ("name", "Peter"); C.setmaxage (24*60*60); C.setpath ("/"); Response.addcookie (c); Cookie cookie = new Cookie ("username", "Peter");//New Cookiecookie.setmaxage (0); The set life cycle is 0, indicating that Response.addcookie (cookie) will be deleted;