Cookie 和会话之间的区别? [英] Differences between cookies and sessions?

问题描述

我正在接受 Web 开发方面的培训，正在学习 JSP &Servlet.我对 HttpSession 有一些了解 - 我在我的一些示例项目中使用过它.

I am training in web developement and am learning about JSP & Servlets. I have some knowledge of HttpSession - I have used it in some of my sample projects.

在浏览器中，我看到了删除 cookie"的选项.如果我删除 cookie，它也会删除 HttpSession.

In browsers I have seen the option to "delete cookies". If I delete the cookies it deletes the HttpSession also.

cookies 和 session 是一样的吗?它们之间有什么区别?

Are cookies and session the same? What are the differences between them?

推荐答案

会话是包含用户信息的服务器端文件，而 Cookie 是包含用户信息的客户端文件.会话具有将它们映射到特定用户的唯一标识符.此标识符可以在 URL 中传递或保存到会话 cookie 中.

Sessions are server-side files that contain user information, while Cookies are client-side files that contain user information. Sessions have a unique identifier that maps them to specific users. This identifier can be passed in the URL or saved into a session cookie.

大多数现代网站使用第二种方法，将标识符保存在 Cookie 中，而不是将其传递到 URL(这会带来安全风险).您可能在不知情的情况下使用了这种方法，通过删除 cookie，您可以在删除 cookie 中包含的唯一会话标识符时有效地擦除它们的匹配会话.

Most modern sites use the second approach, saving the identifier in a Cookie instead of passing it in a URL (which poses a security risk). You are probably using this approach without knowing it, and by deleting the cookies you effectively erase their matching sessions as you remove the unique session identifier contained in the cookies.

这篇关于Cookie 和会话之间的区别?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！