Java learning path: web Knowledge Summary

Java learning path: web Knowledge Summary

1.OSI Layer-7 protocol:

Application Layer (an interface between HTTP, FTP, SMTP, POP3, and TELNET network services and end users)
Bytes
Presentation layer (JPEG, ASCII, DECOIC data representation, security, compression)
Bytes
Session Layer (establish, manage, and terminate a session,The host process, which refers to the ongoing session between the local host and the remote host.)
Bytes
Transport Layer (TCP and UDP define the protocol port number, traffic control, and error verification for data transmission. Once a data packet leaves the network adapter, it enters the network transmission layer)
Bytes
Network Layer (IP, ICMP, and IGMP are used for logical address addressing to select paths between different networks)
Bytes
Data link layer (establishing logical connections, addressing hardware addresses, and error verification)
Bytes
Physical Layer (establish, maintain, and disconnect physical connections)

2.Http protocol:

The TCP/IP-based application layer protocol that specifies how the client interacts with the server. Based on the Request Response model, a request corresponds to a response. A request can only be sent by the client, the server can only passively wait for the request to respond.
Versions of the HTTP protocol: HTTP/1.0 and HTTP/1.1. Among them, 1.0 requests initiate a connection and the connection is automatically disconnected after the response. 1.1 after each request response, the connection will be maintained for a period of time, during which the request response can be executed again.

3. Http request

Request Line:
GET books/java.html HTTP/1.1
Protocol used to request resource names
Seven request methods: common POST and GET
The difference between GET and POST requests is that the request parameters are transmitted in different ways.
GET: The request parameter is appended to the request url and sent to the server as part of the request address. The data size that can be transmitted cannot exceed 1 kb.
POST: The request parameters are transmitted in the object content of the Http request.

Common headers used in HTTP requests:

Accept-Charset:Character Set encoding required by the ISO-8859-1 client to accept data
Accept-Encoding:Gzip, compress client acceptable data compression format
Accept-Language:En-us, zh-cn acceptable language environment
Host:Www.it315.org: 80 virtual host name to be accessed
If-Modified-Since:Tue, 11 Jul 2000 18:23:51 GMT this is a cache-related header with the last retrieval time of the cache Resource
Referer:The http://www.it315.org/index.jsp header indicates which link the current request comes from, which is related to anti-leech functionality
User-Agent:Some basic information about the Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0) Client
Cookie passed to the server cookie value
Connection:Close/Keep-Alive specifies whether to continue the connection
Date:Tue, 11 Jul 2000 18:23:51 GMT current time

4. HTTP response

Status line
Format: HTTP Version status code reason description
Example: HTTP/1.1 200 OK
The status code is used to indicate the server's request processing result. It is a three-digit decimal number. The response status codes are classified into five categories, as shown below:

Status Code	Description
100 ~ 199	The request is successfully accepted and the client is required to submit the next request to complete the entire process.
200 ~ 299	Indicates that the request is successfully received and the entire request has been completed.
300 ~ 399	If the request is not completed, the client needs to further refine the requirements. Generally, 302,307,304 of requests are cached.
400 ~ 499	Client request error, usually 404
500 ~ 599	Server error, common 500

Common headers used in HTTP requests:

Location:Http://www.it315.org/index.jsp with 302 for request redirection
Server: basic information of the apache tomcat Server
Content-Encoding:The compression format used by the gzip server to send data
Content-Length:Size of data sent by 80
Content-Language:En-language environment for data sent from cn
Content-Type:Text/html; charset = GB2312 basic information of the data currently sent, (data type, encoding used)
Last-Modified:Tue, 11 Jul 2000 18:23:51 GMT cache-related Headers
Refresh:1; url = http://www.it315.org notifies the browser to regularly refresh, which can be a number that specifies how long the current page will be refreshed, this number can be followed by a semicolon followed by a URL address to specify the URL to be refreshed
Content-Disposition:Attachment=filename=aaa.zip header related to download
Transfer-Encoding:Chunked transmission type. If the value is a chunked, the current data is transmitted in one piece.
** Set-Cookie: ** SS = Q0 = 5Lb_nQ; path =/search and cookie-related headers, notifying the browser to Set cookies
ETag:Header related to the cache mechanism W/"83474-1208174400000"
Expires:-1 indicates the resource cache time. If the value is 0 or-1, the resource will not be cached.
Cache-Control:No-cache-related headers. If no-cache is used, the browser is notified not to cache
Pragma:No-cache-related headers. If no-cache is used, no cache is used.
The above three headers are used to control the cache because of historical reasons. Different browsers recognize different headers and we usually use them together to ensure universality.
Connection:Close/Keep-Alive connection
Date:Tue, 11 Jul 2000 18:23:51 GMT current time

5. Session Technology

From accessing the server from the browser to closing the browser, many requests and responses occur during this period. This process is called a session.

Cookie is a client TechnologyThe program writes the data of each user to the user's browser in the form of cookies. When a user uses a browser to access the web resources on the server, the user will carry their own data. In this way, web resources process user data.

A Cookie can only identify one type of information. It contains at least one NAME and VALUE ).

A web site can send multiple cookies to a WEB browser, and a WEB browser can also store the cookies provided by multiple WEB sites.

Generally, a browser can only store 300 cookies. Each site can store up to 20 cookies. The size of each Cookie is limited to 4 kb.

If a cookie is created and sent to the browser, It is a session-level cookie (stored in the browser's memory) by default. After exiting the browser, the cookie is deleted. If you want your browser to store the cookie on a disk, you need to use maxAge and provide a time in seconds. If the maximum validity period is set to 0, the browser deletes the cookie.

Note: When you delete a cookie, the path must be consistent; otherwise, the cookie will not be deleted (the browser uses> cookie name + path to identify a cookie)

The method with addCookie on response can organize the created method into the set-cookie header in the response Message and notify the browser to save the cookie.

The request body has the getCookies method, which can obtain all cookies brought by the browser.

Cookie method: note that the browser uses the cookie name and the cookie path to identify whether the cookie is the same. If you need to overwrite the previous cookie, in addition to the same name, the path must also be the same.

Public Cookie (String name, String value) creates a Cookie object by using the constructor. The Cookie name and value must be specified during creation.

Set the setValue and getValue methods or obtain the Cookie value.

If the setMaxAge and getMaxAge methods do not set the cookie's MaxAge (or set its value to a negative value), the browser saves the cookie in the browser's memory by default, will disappear as the browser closes. If it is set to a positive value, it indicates the time value in seconds that the Cookie will be saved. In this way, the cookie will be saved to the hard disk by the browser. If you set MaxAge to 0, the browser is notified to delete the Cookie.

The setPath and getPath methods are used to specify which ULR and its sub-URLs to access with this cookie. If this value is not set, the browser uses the path of the servlet sending the cookie as the path by default.

For example:

SetPath ("/Day06")/Day06 /... /... Will carry the Cookie
If the Servlet sending the Cookie is/Day06/servlet/Demo1Servlet and setPat is not set, the browser will bring the cookie when accessing/Day06/servlet /...

The setDomain and getDomain methods set the domain name corresponding to the cookie. Once this method is called, the browser will deem the cookie as a third-party cookie and reject it.

The getName method obtains the cookie name. Note that the setName method is not used. Once a Cookie is created, the name cannot be changed.

Generally, a browser can only store 300 cookies. Each site can store up to 20 cookies. The size of each Cookie is limited to 4 kb.
Cookie is based on the set-Cookie response header and Cookie request header. The server can send the set-Cookie Request Header command to the browser to save a cookie, when accessing the server, the browser will return the previously saved information in the form of a Cookie request header.

Request. getCookies ();

Response. addCookie (Cookie c );

New Cookie (String name, String value) // when constructing a Cookie, you must set the cookie name and value.

GetName ();

GetValue ();

SetValue ();

!! SetMaxAge and getMaxAge Methods

If MaxAge is not set for a Cookie, the Cookie is a session-level Cookie. After the Cookie information is sent to the browser, the browser stores it in the browser's memory, this means that the Cookie information disappears as long as the browser is closed and the browser memory is destroyed. you can also set MaxAge for a Cookie. Once you find that MaxAge is set for the Cookie you receive, the Cookie information is saved as a file in the temporary folder of the browser, save to the specified time arrival location. in this way, even if you switch the browser multiple times, because these browsers can see the cookie file in the Temporary Folder, the cookie information exists before the cookie expires.

-If you want to run a command on the browser to delete a Cookie and send a cookie with the same name and path, maxage is set to 0. The browser identifies the cookie with the same name and path, the cookie is deleted immediately after it is overwritten.

!! SetPath and getPath Methods
-Notifies the browser of the path on which the browser accesses the server and its sub-path with the current cookie information.
If not explicitly set, the default path is the path of the Servlet that sends the Cookie.
SetDomain and getDomain Methods

. -It is used to notify the browser of the domain name with the current cookie information. however, it should be noted that modern browsers will reject this cookie once they find that the Cookie has been set to domain information. we usually do not set this method.

Session is a server-side TechnologyWith this technology, the server can create an exclusive session object for each user's browser at runtime. Because the session is exclusive to the user's browser, when the user accesses the web Resources of the server, you can put your data in their respective sessions. When you access other web resources on the server, other web resources will retrieve data from their sessions to serve users.

Virtual Machine death.

* If the server is shut down normally, sessions that have not timed out will be saved as files in the work directory of the server. This process is called session passivation. when the server is started normally next time, the passive session will be restored to the memory. This process is called session activation.

!! Role: share data within the session range

!! Session principle:

The request. getSession () method checks whether the request has a JSESSIONID cookie. If there is a JSESSIONID cookie, obtain its value and find the corresponding session to serve it.

If no, check whether JSESSIONID is included in the request URL. If yes, find the corresponding Session as the Browser Server.

If no Session exists, the browser does not have the corresponding Session. Create a Session and add the JSESSIONID cookie to the response. The value is the Session id.

By default, the path of JSESSIONID is the name of the current web application, and MaxAge is not set. It is a session-level cookie.

This means that the previous Session cannot be found because the JSESSIONID is lost when the browser is closed and the new browser is opened.
We can manually send the JSESSIONID cookie with the same name and path as when automatic sending, but set MaxAge, in addition to saving JSESSIONID information in the memory, the browser also saves the JSESSIONID in the Temporary Folder as a file, so that the browser can still use the previous session even if it re-opens the browser.

URL rewriting:
If the browser disables the Cookie, the browser cannot use the JSESSIONID cookie.
We can use the URL rewriting mechanism to splice the JSESSIONID information in the form of parameters after all the hyperlinks. Thus, when clicking the hyperlink, we can use the URL parameter to wait for the jsessionid to use the Session
The process of rewriting and splicing the JSESSIONID is called URL rewriting.

Request. getSession ()-before URL rewriting, you must create a Session to have the Session id.
Response. encodeURL ()-This method is used to override General addresses.
Response. encodeRedirectURL ()-This method is used if the address is used for redirection.

* Once the url rewriting method finds that the browser brings back any cookie information, the client considers that the cookie is not disabled and will not be overwritten.

Cookie is a client Technology

The data is stored on the client. This information can be saved for a long time.
Data may be cleared at any time, so the data stored in cookies is unreliable.
The data is stored on the client and may be viewed at any time. If sensitive information such as user name and password is stored in cookies, security issues may occur.

Session is a server-side Technology

Data is stored in the service area, which is relatively stable and secure.
The server memory is occupied, so the survival time is generally not too long, and will be destroyed if the timeout time is exceeded. we need to reasonably set the session Timeout time based on the server pressure and session usage to ensure that the session survival time is sufficient, at the same time, unnecessary sessions can be destroyed in a timely manner to reduce the occupation of server memory.