Specifically, cookies are stored in the "client" and the session is stored on the "server"
Cookies are implemented by extending the HTTP protocol
Cookies mainly include: name, value, expiration time, path and domain;
If the cookie is not set to a lifecycle, it is closed with a browser shutdown, which is typically stored in memory rather than on the hard disk. If you set a lifecycle, instead of disappearing with the browser shutdown, the cookies are still valid until you exceed the set expiration time.
Session to save information in a form similar to a hash table,
When a program needs to create a session for a client's request, the server first checks to see if the client's request contains a session ID
(called the session ID), if already included, the server retrieves the session by the session ID, if it has previously created a session for this client
Used (not retrieved, a new one is created), if the client request does not contain a session ID, create a session for the client and generate a session
The value of the associated session Id,session ID should be a string that is neither duplicated nor easily found to mimic, and this session ID will be in this response
is returned to the client for saving. The way to save this session ID is to use a cookie so that the browser can automatically send the logo to the following rules in the interactive process
Server. Generally this cookie's name is similar to Seeesionid. But cookies can be artificially prohibited, and there must be other mechanisms for the cookie to be disabled
The session ID can still be passed back to the server.
Disadvantages
1, the cookie data stored in the customer's browser, session data on the server.
2, cookies are not very safe, others can analyze stored in the local cookies and cookie spoofing
Consider that security should use session.
3, session will be stored in a certain period of time on the server. When the visit increases, it will take up the performance of your server
Consider the use of cookies for mitigating server performance.
4, a single cookie can not save more than 4K of data, many browsers limit a site to save up to 20 cookies.
5, so personal recommendations:
Storing important information such as login information as session
Additional information, if required, can be placed in a cookie
This article on the difference between cookies and session is small to share all the content of everyone, hope to give you a reference, but also hope that we support the cloud-dwelling community.