Cookies are arbitrary pieces of data chosen by the web server and sent to the
browser. The browser returns them unchanged
to the server, introducing a state (memory of previous events) into
otherwise stateless HTTP transactions. Without cookies, each retrieval of a web
page or component of a web page is an isolated event, mostly unrelated to all
other views of the pages of the same site. Other than being set by a web server,
cookies can also be set by a script in a language such as JavaScript, if
supported and enabled by the web browser.
Cookie specifications suggest that
browsers should be able to save and send back a minimal number of cookies. In
particular, a web browser is expected to be able to store at least 300 cookies
of four kilobytes each, and at least 20 cookies per server or domain.
Browsers are expected to support, at least, cookies with a size of 4KB. It consists of seven components:
The first two components (name and value) are required to be explicitly set.
cookie机制采用的是在客户端保持状态的方案,而session机制采用的是在服务器端保持状态的方案。
session产生的session_id放在cookie里面,如果用户把cookie禁止掉,是不是session也不能用了呢?禁止掉cookie后,session当然可以用,不过通过其他的方式来获得这个sessionid,比如,可以根在url的后面,或者以表单的形势提交到服务器端。从而使服务器端了解客户端的状态。
某些浏览器在打开多页面时也可能建立独立的session,IE8、Chrome默认都是共享 session的。
Cookie and Session,布布扣,bubuko.com
原文地址:http://www.cnblogs.com/linyx/p/3746778.html
