Transmit cookies
Cookie is a small file stored on the client computer. If you are a Windows user, you can view the Cookie Path in the user path, that is, the cookies and settings path. This path contains the text file of this file name:
Username @ Web site domain that created the cookie
(User Name @ site domain name for Cookie creation)
The. NET system. web space name contains three classes. You can use them to process cookies on the client:
Httpcookie: provides a way to establish and operate independent HTTP cookies.
Httpresponse: the cookie attribute allows the client to perform cookies.
Httprequest: cookies that allow access to client operations.
The cookie attributes of httpresponse and httprequest objects will return an httpcookiecollection object, which contains, add individual cookies to the collection, and) obtain a separate cookie.
Httpcookie type
Httpcookie is a separate cookie created for the customer's storage. Once an HTTP cookie object is created, you can add it to the cookies attribute of the httpresponse object. Similarly, you can access existing cookies through the httprequest object. The httpcookie class contains the following public attributes:
Domain: obtains or sets the cookie-related domain name, which can be used to restrict Cookie Access in a specific region.
Expires: Get or set the cookie End Date and time. You can set it to a previous date to automatically terminate or delete the cookie.
Names: Get or set the cookie name.
Path: obtain or set the virtual path of the cookie. This attribute allows you to restrict the cookie range, that is, access to a cookie can only be restricted to a specific folder or path. Set this attribute to only allow access to a specific path and all files under this path.
Secure (secure): sends a signal to indicate whether to use Secure Sockets Layer (SSL) to send cookie values.
Value: obtain or set a separate cookie value.
Values (information): returns a set of key/value contained in the cookie.
Although these are not the most detailed list, they provide what is needed to process cookies. For the use of these attributes, the following VB. NET example gives the best understanding:
Dim testcookie as new httpcookie ("lastvisited ")
Testcookie. value = datetime. Now. tostring
Testcookie. expires = datetime. Now. adddays (7)
Testcookie. Domain = "builder.com"
Response. Cookies. Add (testcookie)
ThisCodeCreate a new cookie named lastvisited and assign the value of the current date and time. Similarly, the cookie termination period is set to one week, and the related range is populated. Once an object is created, the object can be added to the cookies set on the client through the add method of the response. Cookies object. There are two methods in the httpcookie constructor:
Httpcookie objectname = new httpcookie ("cookiename ")
Httpcookie objectname = new httpcookie ("cookiename", "cookievalue ")
Similarly, the response object contains a setcookie method, which can accept an httpcookie object.
Where is my cookie?
Once cookies are stored on the client, there are several different methods for you to access them. If you know the cookie name, you can use the httpresponse object to easily access its value. The following VB. NET lines display cookie-related values:
Response. Write (request. Cookies ("lastvisitied"). value)
In addition, you can use an httpcookiecollection object to access the complete list of cookies. This allows the cookie list to be accessed using a for loop. The following C # code illustrates the example:
Httpcookiecollection cookies;
Httpcookie onecookie;
Cookies = request. Cookies;
String [] cookiearray = cookies. allkeys;
For (INT I = 0; I <cookiearray. length; I ++ ){
Onecookie = Cookies [cookiearray [I];
Response. Write (onecookie. Name + "-" + onecookie. value );
}
The corresponding code in VB. NET is as follows:
Dim I as integer
Dim onecookie as httpcookie
For I = 0 to request. Cookies. Count-1
Onecookie = request. Cookies (I)
Response. Write (onecookie. Name + "-" + onecookie. value)
Next I
Stability is also a point of view
Cookie files are stored on the client, so you can delete or modify them as needed. In addition, users can invalidate cookies. For this reason, remember not to rely on cookie data. You should store important information on the server, especially in a database.
Storing key information in a cookie is considered a low-level program design because the information is easily leaked because the information is stored in a file on the customer's machine. At this point, one way is to use SSL, which is a better way to avoid sensitive information.
Can I use cookies?
Users can use their browsers to support invalid cookies. You can access these settings in your code to determine whether cookies are supported. The request object satisfies this idea. The following VB. NET code shows this process:
If request. browser. Cookies = true then
'Use cookies
Else
'No cookie supported
End if
You can combine the code to use the cookie value. The following C # code snippet tests cookie support and displays the result in a text box:
If (request. browser. Cookies = true)
{
If (request. Cookies ["lastvisited1"] = NULL)
{
Httpcookie newcookie = new httpcookie ("lastvisited1", datetime. Now. tostring ());
Newcookie. expires = datetime. Now. addyears (1 );
Response. Cookies. Add (newcookie );
This.txt name. Text = "Is this your first time? ";
} Else {
This.txt name. Text = "we haven't seen you since" +
Request. Cookies ["lastvisited1"]. value;
}}
You can add this code snippet to the page_load event on the ASP. NET page.
Another way to save data
ASP. NET provides multiple methods to save specific user data. One of the old methods is cookies. For sensitive data, although cookies are not the best method, they are the best choice for affinity options such as color parameter selection and last access date (benign items. Although this sensitive data is important, it is not the end of the world when the user's computer crashes.
====================
Relationship between cookie and session
1. session in Asp.net can adopt cookie and cookieless methods. cookieless places sessionid in the URL and transmits it back and forth between the client and the server without Cookie. This method is not discussed here.
2. In Asp.net, when the customer requests a URL for the first time, the server generates a sessionid for the customer and sends it to the client using a non-permanent cookie.
3. Non-permanent cookies disappear only when the browser is closed. The session timeout is determined as follows:
3.1 When the client accesses the server for the first time, it will get a sessionid and send it to the client as a non-permanent cookie.
3.2 When you access this URL before closing the browser, the browser will send this sessionid to the server, the server maintains various statuses of the server corresponding to this customer based on the sessionid (that is, various values saved in the session) and can operate on these sessions in the Web application.
3.3 The server maintains the expiration time of this sessionid. You can set the Session Timeout time in IIS. Each request causes the server to extend the expiration time of this sessioid by a set timeout time.
3.4 when the server finds that a sessionid is out of date, that is, a customer has not accessed the site again within the specified timeout period, and deletes the sessionid along with all session variables related to the sessionid.
3.5 before the browser of the client is closed, the server does not know that the sessionid has been deleted. The client still sends the cookie of this sessionid to the server, but the server does not know the sessionid at this time, the user is treated as a new user and a new sessionid is assigned again.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
