cookie的ppt

eyesmore

浏览: 364799 次
性别:
来自: 北京

最近访客更多访客>>

Java技术干货

fhtwins

zzy_001

我的西雅图之梦

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

Servlet Firefox Security 浏览器

幻灯片 9 .O {color:black; font-size:149%;} .O1 {color:black; font-size:149%;} .O2 {color:black; font-size:149%;} a:link {color:#CB00CB !important;} a:active {color:#3300FF !important;} a:visited {color:#0098CB !important;}

n A cookie is a small bit of text sent to the client that can be read again later

n Limitations (for the protection of the client):

n Not more than 4KB per cookie (more than enough in general)

n Not more than 20 cookies per site（一个站点的cookie不能超过20个）

n Not more than 300 cookies total（一个浏览器不超过300个）

n Cookies are not a security threat

n Cookies can be a privacy threat

n Cookies can be used to customize advertisements

n Outlook Express allows cookies to be embedded in email

n A servlet can read your cookies

n Incompetent companies might keep your credit card info in a cookie

n Netscape and Firefox let you refuse cookies to sites other than that to which you connected

Using Cookies

幻灯片 10 .O {color:black; font-size:149%;} .O1 {color:black; font-size:149%;} .O2 {color:black; font-size:149%;} a:link {color:#CB00CB !important;} a:active {color:#3300FF !important;} a:visited {color:#0098CB !important;}

n import javax.servlet.http.*;

n Constructor: Cookie(String name, String value)

n Assuming request is an HttpServletRequest and response is an HttpServletResponse ,

n response .addCookie(cookie);

n Cookie[ ] cookies = request .getCookies();

n String name = cookies[i].getName();

n String value = cookies[i].getValue();

n There are, of course, many more methods in the HttpServletRequest , HttpServletResponse , and
Cookie classes in the javax.servlet.http package

幻灯片 11 .O {color:black; font-size:149%;} a:link {color:#CB00CB !important;} a:active {color:#3300FF !important;} a:visited {color:#0098CB !important;}

Some more Cookie methods

幻灯片 11 .O {color:black; font-size:149%;} .O1 {color:black; font-size:149%;} a:link {color:#CB00CB !important;} a:active {color:#3300FF !important;} a:visited {color:#0098CB !important;}

n public void setComment(String purpose )

n public String getComment()

n public void setMaxAge(int expiry )

n public int getMaxAge()

n Max age in seconds after which cookie will expire

n If expiry is negative, delete when browser exits

n If expiry is zero, delete cookie immediately

n setSecure(boolean flag )

n public boolean getSecure()

n Indicates to the browser whether the cookie should only be sent using a secure protocol, such as HTTPS or SSL

幻灯片 12 .O {color:black; font-size:149%;} a:link {color:#CB00CB !important;} a:active {color:#3300FF !important;} a:visited {color:#0098CB !important;}

What cookies are good for

幻灯片 12 .O {color:black; font-size:149%;} .O1 {color:black; font-size:149%;} .O2 {color:black; font-size:149%;} a:link {color:#CB00CB !important;} a:active {color:#3300FF !important;} a:visited {color:#0098CB !important;}

n Advantages:

n Java’s Session Tracking API (to be discussed) makes cookies dead simple to use

n Cookies can easily contain more data than hidden fields

n Data is stored on the client computer, not on yours

n This saves space on the server

n May let you avoid keeping track of multiple(session) data structures

n Disadvantages:

n Data is stored on the client computer, not on yours

n This means the data is neither safe nor secure

n Should not be used for user data--cookies may be discarded or the user may contact the server from another computer

n Users can tell their browser to turn cookies off

幻灯片 12 .O {color:black; font-size:149%;} a:link {color:#CB00CB !important;} a:active {color:#3300FF !important;} a:visited {color:#0098CB !important;}

n Cookies are good for keeping session data, not user data

分享到：