Product manager must know the knowledge point-cookie and session

As a Product manager, it’s hard to Design a Product without knowledge of cookies and sessions. Especially for website Product managers, cookies and sessions are a must-have point.

If the Product manager in the medium and large enterprises, the cookie and session is very useful, then talk about the cookie and session in the end is what.

What is cookie

Cookie is a “communication card” sent by the server to the client.

Cookie is the browser to access the server, the server passed to the browser for a period of data. The client browser saves the cookie and can not be easily deleted. When the browser makes a request to the server again, the browser submits the cookie together with the website address to the server, and the server identifies the user status.

cookie’s properties

1.name: the name of the cookie, the name of the cookie can not be changed once it is created.

Value: the value of the cookie, the content of the information recorded in the cookie.

Expire: Cookie expiration time, in seconds

Note: I Believe we have encountered such a situation, before the browser clearly recorded account number and password, after a period of time let you log in again, which means your cookie expired. expire is positive, expire seconds expired, cookie invalid. When expire is 0, it means the browser is closed and the cookie is deleted. When expire is negative, the cookie expires when the browser is closed. The value of expire is 0.

If the cookie does not set expiration time, said that his life cycle will end with the browser closed, this cookie is called a session cookie, generally not stored in the hard disk but stored in memory.

If you set the expiration time, the browser will save the cookie on the hard disk, open the browser will remain in force until its expiration time.

Path: the use of the path of the cookie.

5.domain: can access the domain name of the cookie.

Secure: Whether to use the secure HTTPS protocol for transmission. The default value is 0

Httponly: Whether to transmit only through the HTTP protocol, the default is 0

Except for the value of the name parameter is necessary, the other values ​​are optional, the first three parameters are usually used.

application scenario

Automatic login: If you do not want users to log in every time you enter the user name and password, as long as check the login name and password to remember, you can write the user name and password cookie, the next visit to the site, the site page script can Read this information, automatically fill in the user name and password, user-friendly.

Achieve pop-up function: When the user for the first time into some online Education website, financial website …, usually give users a pop-up bullet pop-up window, when click cancel, perhaps after three days will pop up, this is because After the cookie expires, you need to reset the cookie.

Custom Content: The website creates the cookie for the user to browse the content, and then can customize the user’s favorite content according to the user’s browsing content. When the user next enters, the server can recommend the user’s favorite content to the user, so as to retain the user the goal of.

Record PV: The cookie has a special value to record the number of user visits, when the user visits again, the cookie will increase the value of 1 and output.

Session is what

Session is very important in web technology. Since the web page is a stateless connection Program, it is impossible to know the user’s browsing status. When shopping online, many items are added to the shopping cart, and the checkout website does not know what items are in your shopping cart. In order to solve this problem, the server creates a specific session for a specific user, which is used to mark and track the user, so as to know what is in the shopping cart.

Unlike cookie stored in the browser side, the session is stored on the server side

The relationship between Session and cookie

The above said that you can use cookies to track users, the use of session can also be achieved to achieve the tracking user uses a session generated unique ID. There are two ways to do this:

1, the first is based on the cookie way to pass the session. This method is limited because the client can disable cookies.

Cookie-based delivery is the current Session name and ID stored in the cookie, when the user requests the server again, the Session ID will be sent back, when the script to use the session again, it will be based on the Session in the cookie ID returns the existing Session.

2, the second is passed through the URL parameters, the session ID embedded directly into the URL.

The first is cookie-based delivery, and the cookie is disabled on the client, so this will no longer work, which requires the URL to pass Session.

A cookie is a small piece of “data” stored in a browser, and a session is a “mechanism” for a server to recognize a user. A session needs to use a cookie during implementation.

Session application scenario

For example, an unregistered user to Taobao website to buy things, respectively, in the shopping cart to add A, B, C three items, this time the server returns a cookie in front of the cookie to save the session Name [zhangsan], ID = [001], three items of data stored in the session, so that when Zhang next time to check the shopping cart, it will session ID = 001 field client to the server, the server to find The corresponding session, which shows the appropriate shopping cart data.

No Comments

Leave a Reply