HTTP is a stateless protocol. Two consecutive requests in the same session do not know each other. They are parsed by the latest instantiated environment, except for all information that the application may have stored in a global object, the environment does not save any session-related information. The status of the Protocol indicates the ability to "remember" The transfer information during the next transmission. HTTP does not maintain the information transmitted by this connection for the next connection.
Stateless means that when a browser sends a request to the server, the server responds, but the same browser sends the request to the server again, it will respond, but he doesn't know that you are the browser just now. Simply put, the server won't remember you, so it's a stateless protocol. HTTP is an object-oriented protocol at the application layer. HTTP has five features:
1. Supports the customer/Server mode;
2. simple and fast;
3. Flexible;
4. No connection;
5. stateless;
"Stateless" is one of the main features of the HTTP protocol. The lack of status means that if the previous information needs to be processed in the future, it must be re-transmitted, which may increase the amount of data transferred each time. On the other hand, when the server does not need previous information, its response is faster. HTTP is short for Hyper Text Transfer Protocol. As the name suggests, this protocol supports Hypertext Transfer. So what is hyper text? To put it bluntly, it is a page written in HTML. Generally, we use a client browser to access server resources. The most common URL is an HTML file. Therefore, hypertext is the most important resource on the network. Since the HTTP protocol is designed to support Hypertext Transfer, and more broadly, it supports resource transmission, the client browser sends requests to the HTTP server, when the HTTP server sends the corresponding resources back to the client, there is no need to record this process for both the client and the server, because every request and response are relatively independent, just as if you cast a coin in front of a vending machine to buy a product, no one needs to remember this transaction process. Generally, a URL corresponds to a unique hypertext, And the HTTP server is absolutely fair. Whether you are Michael or Jordon, it will return the same hypertext according to the received URL request. This uniqueness makes it meaningless to record the user's behavior status. Therefore, the HTTP protocol is designed as a stateless connection protocol to meet its own needs.
However, with the passage of time, people found that static html is really boring and boring. Adding dynamic content will make Web applications more useful. As a result, the HTML syntax is constantly expanding. The most important of them is the addition of form. The client also adds functions such as script processing and Dom processing. for servers, the corresponding CGI (Common
Gateway Interface) to process dynamic requests including form submissions. After the emergence of such a web application that dynamically interacts with the server, the stateless HTTP feature severely hinders the implementation of these applications. After all, interaction must be carried forward, A simple Shopping Cart program also needs to know what items the user has selected before. Therefore, the two technologies used to maintain the HTTP connection status came into being. One is cookie, and the other is session. Cookie is a solution that maintains the status through the client. By definition, cookies are the special information sent from the server to the client, which is stored on the client as text files, the client then carries the special information each time it sends a request to the server. Let's be more specific: when a user accesses a website that supports cookies through a browser, the user will provide personal information including the user name and submit it to the server. Then, when the server returns the corresponding hypertext to the client, it also sends back the personal information. Of course, this information is not stored in the HTTP response body (Response
Body, but stored in the HTTP Response Header. When the client browser receives a response from the server, the browser stores the information in a unified location, for Windows operating systems, we can find the stored cookies in the [System Disk]: \ Documents ents and Settings \ [user name] \ cookies directory. Since then, when the client sends a request to the server, the corresponding cookie is sent back to the server. This time, the cookie information is stored in the HTTP request header.
With the implementation of cookie technology, after receiving a request from a client browser, the server can analyze the cookie stored in the request header to obtain the unique information of the client, in this way, content corresponding to the client is dynamically generated. Generally, we can see the option "remember me" in the logon interface of many websites. If you select this option, log on again, therefore, the next time you access the website, you do not need to perform repeated and cumbersome logon actions. This function is implemented through cookies.
A solution opposite to Cookie is Session, which is maintained by the server. The session vocabulary contains a lot of semantics, so we need to clarify the meaning of the session here. First, we usually translate sessions into sessions, so we can call a series of interactions between the client browser and the server a session. Starting from this semantics, we will mention the session duration and the operations performed in the session process. Secondly, session refers to the storage space opened by the server for the client. The information stored in the session is used to maintain the status. Starting from this semantics, we will mention what content is stored in the session and how to obtain Matching content from the session based on the key value.
The first step is to create a session. When will the session be created? Of course, it was created during the running of the server program. applications implemented in different languages have different methods to create sessions, in Java, it is created by calling the getsession method of httpservletrequest (using true as the parameter. When a session is created, the server generates a unique session for the session.
The session ID will be used in subsequent requests to obtain the created session. After the session is created, you can call the session-related method to add content to the session. The content is only stored on the server and only the session ID is sent to the client. When the client sends the request again, this session ID will be carried. After the server receives the request, it will find the corresponding session based on the session ID and use it again. In this process, the user's status is maintained. To sum up, HTTP itself is a stateless connection protocol. to support interaction between the client and the server, we need to use different technologies to store the status of interaction, these different technologies are cookie and session.
