当前位置:网站首页>Web Security (V) what is a session? Why do I need a session?
Web Security (V) what is a session? Why do I need a session?
2022-07-06 05:28:00 【jinyangjie0】
Session What is it?
Session Is the meaning of conversation , It is generally used to record user information on the server . It made up for HTTP It is the defect of stateless protocol that makes the service unable to identify users .
The typical scene is a shopping cart , When you want to add items to the cart , The system doesn't know which user operated , because HTTP Protocol is stateless . The server creates specific Session
Then you can identify the user and track the user .
Why session
Talk about session Usually in web In the context of application , We know web The application is based on HTTP Agreed , and HTTP The agreement is exactly a stateless agreement . in other words , User from A The page jumps to B The page will be sent again HTTP request , When the server returns the response, it cannot know that the user is requesting B What did you do before the page .
about HTTP The cause of Statelessness , relevant RFC There is no explanation in , But contact HTTP History and application scenarios , We can infer some reasons :
1、 Design HTTP The original purpose is to provide a release and reception HTML Page method . At that time, there was no dynamic page technology , Only pure static HTML page , Therefore, there is no need for the agreement to maintain the state ;
2、 When the user receives a response , It often takes some time to read the page , Therefore, if the connection between the client and the server is maintained , Then this connection will be idle most of the time , This is an unprovoked waste of resources . therefore HTTP The original design is the default short connection , That is, the client and server disconnect after completing a request and response TCP Connect , Therefore, the server cannot predict the next action of the client , It doesn't even know if this user will visit again , So let HTTP Protocols to maintain user access status are also completely unnecessary ;
3、 Transfer part of the complexity to HTTP Protocol based technology can make HTTP It is relatively simple at the level of agreement , And this simplicity also gives HTTP Stronger scalability . in fact ,session Technology is also right in essence HTTP An extension of the protocol .
To make a long story short ,HTTP The statelessness of is determined by its historical mission . But with the vigorous development of network technology , People are no longer satisfied with rigid and boring static HTML, They hope web Application can move , So scripts and DOM technology ,HTML Added form in , And the server appears CGI Dynamic technology .
边栏推荐
- The ECU of 21 Audi q5l 45tfsi brushes is upgraded to master special adjustment, and the horsepower is safely and stably increased to 305 horsepower
- Cuda11.1 online installation
- 02. 开发博客项目之数据存储
- 毕业设计游戏商城
- Easy to understand IIC protocol explanation
- Jvxetable implant j-popup with slot
- Huawei od computer test question 2
- Collection + interview questions
- C# AES对字符串进行加密
- 2022 half year summary
猜你喜欢
随机推荐
Pointer classic written test questions
GAMES202-WebGL中shader的编译和连接(了解向)
In 2022, we must enter the big factory as soon as possible
01. 开发博客项目之项目介绍
pix2pix:使用条件对抗网络的图像到图像转换
The ECU of 21 Audi q5l 45tfsi brushes is upgraded to master special adjustment, and the horsepower is safely and stably increased to 305 horsepower
C Advanced - data storage (Part 1)
Pix2pix: image to image conversion using conditional countermeasure networks
Easy to understand IIC protocol explanation
Modbus协议通信异常
Algorithm -- climbing stairs (kotlin)
Sorting out the knowledge points of multicast and broadcasting
Unity Vector3. Use and calculation principle of reflect
Questions d'examen écrit classiques du pointeur
指针经典笔试题
03. 开发博客项目之登录
Vulhub vulnerability recurrence 73_ Webmin
Unity gets the width and height of Sprite
Force buckle 1189 Maximum number of "balloons"
Summary of redis basic knowledge points