问题描述
在服务器和客户端上创建 cookie 有什么区别?这些被称为服务器端 cookie 和客户端 cookie 吗?有没有办法创建只能在服务器或客户端读取的cookie?
What is the difference between creating cookies on the server and on the client? Are these called server side cookies and client side cookies? Is there a way to create cookies that can only be read on the server or on the client?
推荐答案
HTTP COOKIES
Cookie 是网站用于在浏览器上存储状态信息的键/值对.假设您有一个网站 (example.com),当浏览器请求网页时,该网站可以发送 cookie 以在浏览器上存储信息.
HTTP COOKIES
Cookies are key/value pairs used by websites to store state information on the browser. Say you have a website (example.com), when the browser requests a webpage the website can send cookies to store information on the browser.
浏览器请求示例:
GET /index.html HTTP/1.1
Host: www.example.com
来自服务器的示例回答:
Example answer from the server:
HTTP/1.1 200 OK
Content-type: text/html
Set-Cookie: foo=10
Set-Cookie: bar=20; Expires=Fri, 30 Sep 2011 11:48:00 GMT
... rest of the response
这里有两个 cookie foo=10 和 bar=20 存储在浏览器中.第二个将于 9 月 30 日到期.在随后的每个请求中,浏览器都会将 cookie 发送回服务器.
Here two cookies foo=10 and bar=20 are stored on the browser. The second one will expire on 30 September. In each subsequent request the browser will send the cookies back to the server.
GET /spec.html HTTP/1.1
Host: www.example.com
Cookie: foo=10; bar=20
Accept: */*
会话:服务器端 cookie
服务器端 cookie 被称为会话".在这种情况下,网站在浏览器上存储了一个包含唯一会话标识符的 cookie.状态信息(上面的 foo=10 和 bar=20)存储在服务器上,会话标识符用于将请求与存储在服务器上的数据进行匹配.
SESSIONS: Server side cookies
Server side cookies are known as "sessions". The website in this case stores a single cookie on the browser containing a unique Session Identifier. Status information (foo=10 and bar=20 above) are stored on the server and the Session Identifier is used to match the request with the data stored on the server.
您可以同时使用会话和 cookie 来存储:身份验证数据、用户首选项、电子商务网站中图表的内容等...
You can use both sessions and cookies to store: authentication data, user preferences, the content of a chart in an e-commerce website, etc...
以下解决方案的优缺点.这些是我想到的第一个,肯定还有其他的.
Below pros and cons of the solutions. These are the first that comes to my mind, there are surely others.
Cookie 的优点:
- 可扩展性:所有数据都存储在浏览器中,因此每个请求都可以通过负载均衡器到达不同的网络服务器,并且您拥有完成请求所需的所有信息;
- 可以通过浏览器上的 javascript 访问它们;
- 不在服务器上,它们将在服务器重新启动后存活;
- RESTful:请求不依赖于服务器状态
Cookie 的缺点:
- 存储空间限制为 80 KB(20 个 cookie,每个 4 KB)
- 安全 cookie 并不容易实现:看看论文 安全的 cookie 协议
- storage is limited to 80 KB (20 cookies, 4 KB each)
- secure cookies are not easy to implement: take a look at the paper A secure cookie protocol
会话优点:
- 通常更易于使用,在 PHP 中可能没有太大区别.
- 无限存储
会话缺点:
- 更难扩展
- 在网络服务器重新启动时,您可能会丢失或不丢失所有会话,具体取决于实现
- 不是 RESTful
这篇关于服务器端 cookie 和客户端 cookie 有什么区别?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,WP2