Introduction to Web Application Session (cookie)

 

Session 1 and session Status:

1. Web application session refers to a series of consecutive requests and responses between a client browser and the web server, knowing that the window is closed.

2. the session Status of a Web application is the status information generated by the Web server and the browser during the session. The session status information is used (the result of one question and one answer ), the Web server can associate a series of requests and responses in the same session.

For example, the account is the product of the shopping cart in the session state and the product in the session state.

The first access to the Web server login operation input account: XXX password: 1234 -- à servlet Verification

Shopping: Add a commodity to the shopping cart -- à XXX MP4

--- À

Checkout: send a request to the Web server ----- à XXX MP4

3. Reasons for recording session Status:

(1) the HTTP protocol only requests a sum and returns a response, with no status record

(2) HTTP is a stateless Thank you. The web server itself cannot identify which requests are sent by the same browser. Each request of the browser is independent.

(3) If the Web server needs to distinguish from a large number of request messages which belong to the same session, the browser must have a unique entity for each session, the request message in the same session carries the same ID, while the request message in different sessions always carries a different representation, which is called session ID ().

2. How to implement State Sessions

1. The session ID can be transmitted in the request message with the cookie technique, or as an additional parameter of the request URL. The session ID is generated when the web server receives the first access from a browser and sends it to the browser along with the response message.

2. the session process is enabled by the Web server program. Once a session is started, the server program creates an independent storage structure for the session to save the session status information, access requests in the same session can only access the status information in the storage structure of the session.

Introduction to three cookies

1. Introduction to cookies

(1) cookie is a technology that maintains HTTP status information on the client. It is like a discount card issued by a mall.

(2) cookie is a piece of data sent to the browser by the web server in the HTTP Response Message Header when the browser accesses a resource of the Web server, the data transmitted by the Web server to various client browsers can be different.

(3) once the web browser saves a cookie, it should return the cookie to the web server in the HTTP Request Header each time it accesses the web server.

(4) The web server sends cookie information to the browser by adding the set-Cookie response header field to the HTTP Response Message, the browser adds the cookie request header field to the HTTP request message to send the cookie back to the web server.

(5) A cookie can only identify one type of information. It contains at least one name and value ).

(6) A web site can send multiple cookies to a web browser. A Web browser can also store the cookies provided by multiple web sites.

(7) browsers generally only allow 300 cookies, and each site can store up to 20 cookies. The size of each cookie is limited to 4 kb.

 

2. Cookie Access steps:

The first visit --- à Web Server (without Cookie) generates a ccookie. The server encapsulates the cookie encapsulation response message in the Set-cookie -- à client browser, the cookie information in the response object will be stored on the client's computer. After the client's browser submits a request to the Web server, the web server will read the cookie in the request.

Note: If the browser disables the cookie, it cannot be accessed using the browser. The URL is required.