Crash: Cookie

We know that form pages are stateless, which means they do not automatically indicate whether all requests in the sequence come from the same client, or whether a single browser instance is always viewing pages or sites, every round-trip to the server will be destroyed and the page will be re-created. Therefore, the page information will not exist if the lifecycle of a single page is exceeded.
The role of status management is as follows:
1. Instruct the user to associate with the browser instance
2. enable information sharing between pages and between requests
3. faster data storage
In addition to cookies, there are almost no other methods to write data on the client machine (even the Cookie write operation is performed by the browser: the server sends back the response to allow the browser to add cookies, of course, the browser can also disable it through security configuration. Currently, most websites use cookies to record some data (such as your ID), so that you can directly configure the previous settings when accessing the website next time. Therefore, it is best not to close the Cookie easily, are there any risks in these cookies? If the user can change the information in the Cookie, then the server will return to the page with the previous configuration silly? Is this possible? After checking the browser, there is no way to modify the Cookie information. You can only clear the Cookie. However, to prevent Cookie information leakage, We can encrypt the Cookie!
Okay. Now let's take a look at how to use C # to add, delete, query, and modify cookies.
View Code
// Use the Response object to return the Cookie to the browser again, and then the browser
// Write Cookie on the machine
Protected void button#click (object sender, EventArgs e)
{
HttpCookie Cookie = new HttpCookie (CookieName. Text, CookieValue. Text );
// Cookie. Expires = DateTime. Now. AddSeconds (int. Parse (CookieExpires. Text ));
Response. Cookies. Add (Cookie );
}

Protected void Button3_Click (object sender, EventArgs e)
{
HttpCookie Cookie = Request. Cookies [CookieName. Text];
If (Cookie! = Null)
{
Cookie_Info.Text = Cookie. Name + "___" + Cookie. Value + "-----" + Cookie. Expires;
}
}

// Delete the Cookie
// We cannot directly Delete the Cookie, and the server cannot delete the Cookie. The delete Cookie operation is performed by the browser.
// We can set the Cookie to the past time so that the Cookie expires.
Protected void Button2_Click (object sender, EventArgs e)
{
Cookie_Info.Text = "";
HttpCookie Cookie = Request. Cookies [CookieName. Text];
If (Cookie! = Null)
{
Cookie. Expires = DateTime. MinValue;
}
Response. Cookies. Add (Cookie );
}

Here are a few notes:
1. When adding a Cookie, if we do not set its validity period, it will expire immediately after the session ends.
2. When we look for a Cookie, we often determine whether the Cookie exists, rather than determining whether the Cookie's validity period has expired, because the Cookie's validity period is relative to that of the browser, it is invalid for the server! The server cannot access it for a valid time! However, you can modify the effective time ~
3. For expired cookies, the server cannot read them, but they exist in the browser! Some extra cookies are generated. If these cookies are too many and are not deleted, they will remain in the memory and occupy the memory! That's why we say it's a crash, Cookie!
Add an image here, which is the interface I used during the test:

 

4. If you want to view the cookies saved by your browser, you can view them in the browser: Tools-> options-> privacy page ~ (PS: I use Firefox, and others may be different !)

 

From the girl from iflytek