cookieless = false用于会话状态管理 [英] cookieless = false for session state management

问题描述

大家好，



我是ASP.net开发的新手。

如果我使用会话 cookieless = false （表示它将会话ID存储在cookie中）。

和浏览器cookie被禁用，

然后会话ID存储在哪里？

是URL吗？

hi to all,

I am new to ASP.net development.
If i use session for which cookieless = false (means it stores session id in cookies).
and at browser cookies are disabled,
then where the session id is stored?
is it URL?

推荐答案

会话状态（几乎总是）存储在服务器上，并由随机数识别，会话令牌。



该令牌需要由客户端存储，并与他的HTTP请求一起发送到服务器（以便服务器记住他之前见过他）并将会话与请求相关联。）



如何说会话存储在服务器上，是不是，会话存储在服务器上？



只有会话令牌存储在客户端上，由于它是一个随机数，因此它本身不包含任何有用的信息。它只与存储在服务器上的数据一起变得有价值。



如果是，那么cookieless会话的概念是什么



存储令牌的最简单方法是使用cookie。这就是发明饼干的原因。替代方案是使用隐藏的表单变量或作为URL的一部分来回传递cookie。

Session state is (almost always) stored on the server, and it is identified by a random number, the session token.

That token needs to be stored by the client, and sent to the server along with his HTTP requests (so that the server can remember that he has seen him before and associate the session to the request).

how one can say that session are stored on server, is that right, that sessions are stored on server?

Only the session token is stored on the client, and since it is a random number, it does not contain any useful information in itself. It only becomes valuable together with the data stored on the server.

if yes then what is the concept of cookieless session

The easiest way to store the token is using cookies. That is what cookies were invented for. Alternatives are handing the cookie back and forth using hidden form variables or as part of the URL.

这篇关于cookieless = false用于会话状态管理的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！