当前位置：网站首页>The difference between cookies and sessions

The difference between cookies and sessions

2022-07-19 02:41:00 【Do you eat oil cake】

Catalog

1、 What is? cookie

2. Why use cookie

3、cookie How it works

4、cookie Characteristics ：

session

1、 What is? session

2. Why use session

3、session How it works

4、session Characteristics

cookie

1、 What is? cookie

Cookie Meaning for “ cookie ”, By W3C organisation , The earliest by Netscape A mechanism for community development . at present Cookie Has become the norm , All the major browsers such as IE、Netscape、Firefox、Opera Such as support Cookie.

2. Why use cookie

because http Is stateless protocol （ The server and client do not know each other ）

About http The details of the agreement can be moved http agreement

Cookies Are small files stored on the user's computer . It is designed to store user data for some sites , This allows the server to customize content for such users . Page code can get Cookie The value is then sent to the server , such as Cookie The location is stored in , In the future, each time you enter the map, you can locate the changed location by default .

3、cookie How it works

When the user logs in for the first time , Send request to server
Server according to user information , The server helps users create a cookie To identify the user , Stored in a database , And send it to the browser
The browser will get cookie The data is stored in the local browser .（cookie Saved by the client ）
When sending the request again , The server will retrieve cookie, Verify user identity

cookie The simple workflow diagram of is convenient for everyone to understand ：

4、cookie Characteristics ：

Save to client , Easy to tamper with ( Delete 、 Ban )
The amount of data saved is limited （ Limited size , Maximum 4kb）
Easy to understand and use

session

1、 What is? session

Session It's another mechanism for recording customer status , The difference is Cookie Save in the client browser , and Session Save on the server . When the client browser accesses the server , The server records client information in some form on the server . This is it. Session. The client browser only needs to access it from that Session To find the status of the customer session It's a special kind cookie.cookie It's saved on the client side , and session It's stored in the server .

2. Why use session

because cookie There is a client , And its own storage size is limited , The key is that users can be visible , And can be modified at will , Very unsafe . Then how to be safe again , It is also convenient to read information globally ？ therefore , This is the time , A new storage session mechanism ：session The birth of !

3、session How it works

The client requests the server for the first time ;
The server generates a session Save the data on the server (session) Of id With cookie Passed to the client in the form of ;
The client requests the server for the second time , The browser will automatically carry cookie To access the server (session_id);

So visible ,session most important of all session_id, Stored in cookie in , therefore session Depend on cookie, When a browser is disabled cookie function ,session It can't be used ！

Let's take a brief look at session Work flow chart ：

4、session Characteristics

Used to store multiple requests for a session , There is a server .
Can store any type , Data of any size
Depend on cookie, Browser disable cookie,session It can't be used
sessionId Store in cookie in , At this time, if some browsers do not support cookie, At this point, you need to rewrite the code , take sessionID Put it in url in , It's not safe

cookie and session The difference between

1、 Save in different locations

cookie Store on client , and session Store on the server

2、 It's used in different ways

cookie： If on the browser side cookie Set the corresponding time , be cookie Save in local hard disk , If it doesn't expire at this time , Then you can use , If it expires, delete . If No, right cookie Setup time , The browser is closed by default ,cookie It will be deleted .
session： We're on request , If there is... In the request sent session_id, Then you will find the corresponding session object , If it doesn't exist session_id, On the server side, a session object , And will sessionId Return to the client , You can put it in cookie in , transmitted .