Simulate browser login => Process cookies

Headers are the request headers of the HTTP protocol. They generally carry metadata about the request rather than the request body, and sometimes identification or authentication information such as User-Agent, a token, or a Cookie.

Cookie

The definition of the Cookie

A cookie is a small piece of data that the server sends to the client. The client (usually the browser) stores it and sends it back with later requests to the same server, so the server can recognise the client and keep track of its state.

Cookies are mainly used for the following three aspects:

  1. Session state management (such as login status, shopping cart, game score, or other information the server needs to remember)
  2. Personalization (such as user-defined settings, themes, etc.)
  3. Browser behavior tracking (such as tracking and analyzing user behavior)

Step 1: After the user enters a user name and password, the browser sends them to the server. The server authenticates the user; on success it encapsulates the user information into a cookie (signed or encrypted so that the client cannot tamper with it) and returns it to the browser in the response headers (Set-Cookie).

Step 2: The browser receives the response, finds the Set-Cookie header, stores the cookie, and sends it back in the Cookie request header on every subsequent request to that server.

Step 3: The server reads the cookie from the request header and parses it back into user information, which shows that the user is already logged in. Note that with this design the data itself is stored on the client.
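The three steps above, as an added example that is not part of the original page: a tiny in-memory login server and browser-side cookie jar in Python. The cookie carries the user name and an expiry and is signed with HMAC so the client cannot alter it. The credential store, the cookie name auth and the one-hour lifetime are assumptions for the demo.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from http.cookies import SimpleCookie

# Constructed credential store for the demo; a real server keeps salted password hashes.
USERS = {"alice": "correct horse battery staple"}
SERVER_KEY = secrets.token_bytes(32)  # signs cookies; never sent to the client
COOKIE_NAME = "auth"                  # assumed cookie name
TTL_SECONDS = 3600                    # assumed lifetime


def _sign(payload: str) -> str:
    """HMAC-SHA256 over the encoded claims, so the client cannot alter them."""
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()


def issue_cookie(username: str, now: float) -> str:
    """Step 1: build the Set-Cookie header value for an authenticated user."""
    claims = json.dumps({"user": username, "exp": int(now + TTL_SECONDS)}).encode()
    payload = base64.urlsafe_b64encode(claims).decode().rstrip("=")
    value = f"{payload}.{_sign(payload)}"
    return f"{COOKIE_NAME}={value}; Path=/; Max-Age={TTL_SECONDS}; Secure; HttpOnly"


def login(username: str, password: str, now: float = None) -> dict:
    """Server login handler; returns a dict shaped like an HTTP response."""
    now = time.time() if now is None else now
    if USERS.get(username) != password:  # plaintext compare for the demo only
        return {"status": 401, "headers": {}}
    return {"status": 200, "headers": {"Set-Cookie": issue_cookie(username, now)}}


def verify_cookie(value: str, now: float = None):
    """Step 3: check signature and expiry; return the user name or None."""
    now = time.time() if now is None else now
    payload, sep, sig = value.partition(".")
    if not sep or not hmac.compare_digest(_sign(payload).encode(), sig.encode()):
        return None  # wrong signature: forged or modified on the client
    try:
        padded = payload + "=" * (-len(payload) % 4)
        claims = json.loads(base64.urlsafe_b64decode(padded))
    except ValueError:
        return None  # not valid base64/JSON
    if not isinstance(claims, dict) or claims.get("exp", 0) <= now:
        return None  # expired: the server judges this on its own clock
    return claims.get("user")


class BrowserJar:
    """Step 2: the client's cookie store (name -> value only; attributes are ignored here)."""

    def __init__(self):
        self.cookies = {}

    def store(self, response: dict) -> None:
        header = response["headers"].get("Set-Cookie")
        if header:
            parsed = SimpleCookie()
            parsed.load(header)
            for name, morsel in parsed.items():
                self.cookies[name] = morsel.value

    def request_headers(self) -> dict:
        if not self.cookies:
            return {}
        return {"Cookie": "; ".join(f"{k}={v}" for k, v in self.cookies.items())}


def whoami(headers: dict, now: float = None):
    """Step 3 entry point: pull the cookie out of the Cookie request header."""
    parsed = SimpleCookie()
    parsed.load(headers.get("Cookie", ""))
    morsel = parsed.get(COOKIE_NAME)
    return verify_cookie(morsel.value, now) if morsel else None


if __name__ == "__main__":
    t0 = 1_700_000_000
    resp = login("alice", "correct horse battery staple", now=t0)
    jar = BrowserJar()
    jar.store(resp)
    print(whoami(jar.request_headers(), now=t0 + 60))          # alice
    print(whoami(jar.request_headers(), now=t0 + TTL_SECONDS))  # None
```

Because the user information lives in the cookie, the signature is what stops a client from editing it to another user name; without it, "parsing the cookie to the user information" would trust whatever the client sends.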

Cookie attribute

Cookies have the following attributes: Name, Value, Domain, Path, Expires/Max-Age, Size, HttpOnly, and Secure. (Modern browsers also support a SameSite attribute that limits cross-site sending; it is not covered here.)

1. Name&Value

Name is the name of the cookie; the server looks up a cookie value by its name.

Value is the cookie value. In many cases the server uses this value as a key to look up the data it has saved for the client (for example in a session cache).

2.Domain&Path

Domain indicates which domain can receive the cookie. If it is set, the cookie is sent to that domain and all of its subdomains; if it is omitted, the cookie is sent only to the exact host that set it.

Path restricts the cookie to requests whose URL path is under that path. For example, with path=/test, only requests under /test (such as /test or /test/page, but not /testing) carry this cookie.

3.Expires/Max-Age

Expires/Max-Age set the cookie lifetime. Expires is an absolute date and Max-Age is a number of seconds; if both are present, Max-Age takes precedence. When that time is reached the cookie becomes invalid. If neither is set, the cookie is a session cookie, which expires when the browser is closed (the entire browser, not just the tab).

Tip: the expiry time is evaluated against the client's clock, not the server's.

4.Size

Size is the number of characters in the cookie name plus value. For example, for the cookie id=666, Size = 2 + 3 = 5.

Browsers also differ in the limits they impose on cookies (per-cookie size, typically around 4 KB, and the number of cookies per domain).

5.HTTP

HTTP represents the HttpOnly attribute of the cookie. If it is set, the cookie is sent only in HTTP requests and cannot be read through document.cookie.

This is a security measure that helps prevent cookie theft through JavaScript in a cross-site scripting (XSS) attack. It hides the value from scripts; it does not stop a script from making requests that the browser still sends the cookie with.

6.Secure

Secure indicates that the cookie may only be sent over HTTPS. Unlike the other attributes, it is a flag with no value.

Cookies carrying high-value data should have this flag; without it the cookie is also sent over plain HTTP, where it can be intercepted and read in transit.
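An added example (not from the original page) that parses a Set-Cookie header into the attributes listed above and then applies the Domain, Path, Secure, Expires/Max-Age and HttpOnly rules the way a browser does when deciding whether to attach the cookie to a request. It goes slightly beyond the text by also handling the default path for a cookie without a Path attribute and the Max-Age-over-Expires precedence rule. All URLs and cookie values in it are constructed.

```python
from email.utils import parsedate_to_datetime
from urllib.parse import urlsplit


def _default_path(request_path: str) -> str:
    """Default cookie path when no Path attribute is given (RFC 6265 section 5.1.4):
    the request path up to, but not including, its last slash."""
    if not request_path.startswith("/") or request_path.count("/") == 1:
        return "/"
    return request_path[: request_path.rfind("/")]


def parse_set_cookie(header: str, request_url: str, received_at: float) -> dict:
    """Parse one Set-Cookie header value received from request_url into a dict.

    Attribute names are case-insensitive. If both Max-Age and Expires are present,
    Max-Age wins. Expiry is computed from received_at (the client's clock)."""
    url = urlsplit(request_url)
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    cookie = {
        "name": name.strip(),
        "value": value.strip(),
        "domain": url.hostname.lower(),   # no Domain attribute: host-only cookie
        "host_only": True,
        "path": _default_path(url.path),
        "expires": None,                  # None means "session cookie"
        "secure": False,
        "httponly": False,
        "samesite": None,                 # parsed but not enforced here
    }
    expires_attr = None
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "domain" and val:
            cookie["domain"] = val.lstrip(".").lower()
            cookie["host_only"] = False
        elif key == "path":
            cookie["path"] = val if val.startswith("/") else _default_path(url.path)
        elif key == "max-age":
            try:
                cookie["expires"] = received_at + int(val)
            except ValueError:
                pass  # malformed Max-Age is ignored
        elif key == "expires":
            try:
                expires_attr = parsedate_to_datetime(val).timestamp()
            except (TypeError, ValueError):
                pass  # malformed date is ignored
        elif key == "secure":
            cookie["secure"] = True
        elif key == "httponly":
            cookie["httponly"] = True
        elif key == "samesite":
            cookie["samesite"] = val.lower()
    if cookie["expires"] is None and expires_attr is not None:
        cookie["expires"] = expires_attr
    cookie["size"] = len(cookie["name"]) + len(cookie["value"])  # the Size column
    return cookie


def _path_match(request_path: str, cookie_path: str) -> bool:
    """RFC 6265 section 5.1.4: /test matches /test and /test/x but not /testing."""
    if request_path == cookie_path:
        return True
    if not request_path.startswith(cookie_path):
        return False
    return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"


def should_send(cookie: dict, request_url: str, now: float) -> bool:
    """Would a browser attach this cookie to a request for request_url at time now?"""
    url = urlsplit(request_url)
    host = (url.hostname or "").lower()
    if cookie["expires"] is not None and now >= cookie["expires"]:
        return False  # expired (judged on the client's clock)
    if cookie["secure"] and url.scheme != "https":
        return False  # Secure cookies never travel over plain HTTP
    if cookie["host_only"]:
        if host != cookie["domain"]:
            return False
    elif host != cookie["domain"] and not host.endswith("." + cookie["domain"]):
        return False  # Domain covers the domain itself and its subdomains
    return _path_match(url.path or "/", cookie["path"])


def visible_to_script(cookie: dict) -> bool:
    """Whether document.cookie can read it: HttpOnly cookies are hidden from JavaScript."""
    return not cookie["httponly"]
```

When reproducing a login in a crawler, these rules explain why a cookie copied from the browser may not work: a Secure cookie sent to an http:// URL, a cookie scoped to another subdomain, or one whose Max-Age has already elapsed is simply not accepted.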

Set the Cookie

There are two ways to supply the cookie when simulating a login. The first is to copy the cookie value directly from the browser and put it in the request headers. The second is to use a Session, which performs the login and then keeps and resends the cookies automatically.

Session

Session is the server-side counterpart. When a browser makes its first request, the server creates a Session object for it, saves the object on the server, and sends only the session ID to the client in the form of a cookie. The session ends when the user explicitly terminates it (for example by logging out) or when it times out.

Let’s look at how sessions work:

  1. When a user sends the first request to the server, the server establishes a session for that user and creates an id (sessionID) for that session.
  2. All subsequent requests from this user include this id (sessionID). The server checks the id to determine which session the request belongs to.

There are two ways to carry the session id: cookies and URL rewriting (placing the id in the URL, for clients that do not accept cookies).

A cookie stores data on the client, whereas a Session stores data on the server and gives the client only an opaque id. In terms of security the Session approach is better, because the client never holds the data and cannot tamper with it; the session id itself must still be unguessable and protected (HttpOnly, Secure), since whoever holds it is treated as that user.
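As an added example (not from the original page), the session mechanism above and the "second method" from the Set the Cookie section, both in Python: a server-side session store keyed by a random session id that is delivered in a cookie or, for clients without cookies, via URL rewriting, and a client-side Session class that keeps and resends the cookie the way requests.Session does. The cookie name sessionid, the ?sid= URL parameter, the 30-minute idle timeout and the user list are assumptions for the demo.

```python
import secrets
import time
from http.cookies import SimpleCookie
from urllib.parse import parse_qs, urlsplit

SESSION_COOKIE = "sessionid"  # assumed cookie name
URL_PARAM = "sid"             # assumed parameter for URL rewriting (?sid=...)
IDLE_TIMEOUT = 1800           # assumed: seconds of inactivity before the session ends
USERS = {"alice": "correct horse battery staple"}  # constructed, demo only


class SessionStore:
    """Server side: user data lives here; the client only ever holds the opaque id."""

    def __init__(self):
        self._sessions = {}

    def create(self, now: float) -> str:
        sid = secrets.token_urlsafe(32)  # 256 random bits: unguessable, not sequential
        self._sessions[sid] = {"data": {}, "last_seen": now}
        return sid

    def get(self, sid: str, now: float):
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        if now - entry["last_seen"] > IDLE_TIMEOUT:
            del self._sessions[sid]  # timed out: the session has ended
            return None
        entry["last_seen"] = now
        return entry["data"]

    def destroy(self, sid: str) -> None:
        self._sessions.pop(sid, None)


class Server:
    def __init__(self):
        self.store = SessionStore()

    @staticmethod
    def _sid_from_request(path: str, headers: dict):
        """Session id from the Cookie header, else from the rewritten URL."""
        jar = SimpleCookie()
        jar.load(headers.get("Cookie", ""))
        if SESSION_COOKIE in jar:
            return jar[SESSION_COOKIE].value
        return parse_qs(urlsplit(path).query).get(URL_PARAM, [None])[0]

    @staticmethod
    def _cookie(sid: str) -> str:
        return f"{SESSION_COOKIE}={sid}; Path=/; HttpOnly; Secure; SameSite=Lax"

    def handle(self, method: str, path: str, headers: dict, form: dict = None, now: float = None):
        """Returns (status, response_headers, body) like a tiny web framework."""
        now = time.time() if now is None else now
        resp_headers = {}
        sid = self._sid_from_request(path, headers)
        data = self.store.get(sid, now) if sid else None
        if data is None:  # first request, or an expired/unknown id
            sid = self.store.create(now)
            data = self.store.get(sid, now)
            resp_headers["Set-Cookie"] = self._cookie(sid)
        route = urlsplit(path).path
        if method == "POST" and route == "/login":
            form = form or {}
            if USERS.get(form.get("user")) != form.get("password"):
                return 401, resp_headers, "bad credentials"
            # Issue a fresh id on login so an id planted before authentication
            # (session fixation) never becomes an authenticated session.
            self.store.destroy(sid)
            sid = self.store.create(now)
            data = self.store.get(sid, now)
            data["user"] = form["user"]
            resp_headers["Set-Cookie"] = self._cookie(sid)
            return 200, resp_headers, data["user"]
        if method == "POST" and route == "/logout":  # explicit termination
            self.store.destroy(sid)
            resp_headers["Set-Cookie"] = f"{SESSION_COOKIE}=; Path=/; Max-Age=0"
            return 200, resp_headers, "bye"
        if route == "/me":
            user = data.get("user")
            return (200, resp_headers, user) if user else (401, resp_headers, "anonymous")
        return 404, resp_headers, "not found"


class Session:
    """Client side, the 'second method': remembers every Set-Cookie the server
    returns and sends it back automatically, as requests.Session does."""

    def __init__(self, server: Server):
        self.server = server
        self.jar = {}

    def request(self, method: str, path: str, form: dict = None, now: float = None):
        headers = {}
        if self.jar:
            headers["Cookie"] = "; ".join(f"{k}={v}" for k, v in self.jar.items())
        status, resp_headers, body = self.server.handle(method, path, headers, form, now)
        if "Set-Cookie" in resp_headers:
            parsed = SimpleCookie()
            parsed.load(resp_headers["Set-Cookie"])
            for name, morsel in parsed.items():
                self.jar[name] = morsel.value
        return status, body
```

The contrast with a data-carrying cookie is that nothing in the client's jar is meaningful on its own: an attacker who edits the cookie gets an unknown id and a fresh anonymous session, and the only thing worth stealing is the id, which is why it is issued with HttpOnly and Secure and regenerated at login.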