Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cookie in a servlet. Cookies are small bits of textual information that a Web server sends to a browser and that the browser returns unchanged when visiting.

Similar presentations


Presentation on theme: "Cookie in a servlet. Cookies are small bits of textual information that a Web server sends to a browser and that the browser returns unchanged when visiting."— Presentation transcript:

1 Cookie in a servlet. Cookies are small bits of textual information that a Web server sends to a browser and that the browser returns unchanged when visiting the same Web site or domain later i.e cookie is stored on client and contain state information. Cookies are valuable for tracing users activity. » Identifying a user during an e-commerce session, » avoiding username and password, » customizing a site etc.

2 Providing convenience to the user and added value to the site owner is the purpose behind cookies. cookies are not a serious security threat. Cookies are never interpreted or executed in any way. Browsers generally only accept 20 cookies per site and 300 cookies total, and each cookie is limited to 4KB,

3 However, even though they don't present a serious security threat, they can present a significant threat to privacy.

4 The cookies class A servlet can write a cookie to user’s machine via addCookie() method of HttpServletRespoonse interface. Information that is saved for each cookie – Name – Value – Expiration date – Domain and path of cookie

5 Constructor for cookie Cookie (string name, String value)

6 String getComment() / void setComment (String s) – Gets/sets a comment associated with this cookie. String getDomain() / void setDomain (String d) – Gets/sets the domain to which cookie applies. Normally, cookies are returned only to the exact hostname that sent them. You can use this method to instruct the browser to return them to other hosts within the same domain. Note that the domain should start with a dot (e.g..prenhall.com), and must contain two dots for non-country domains like.com,.edu, and.gov, and three dots for country domains like.co.uk and.edu.es. Int getMaxAge() / void setMaxAge(int secs) – Gets/sets how much time (in seconds) should elapse before the cookie expires. If you don't set this, the cookie will present only for the current session (i.e. until the user quits the browser), and will not be stored on disk. mycookie.setMaxAge(30*24*60*60 ); String getName() – Gets/sets the name of the cookie. The name and the value are the two pieces you virtually always care about. Since the getCookies method of HttpServletRequest returns an array of Cookie objects, it is common to loop down this array until you have a particular name, then check the value with getValue.

7 String getPath () / void setPath (string p) – Gets/sets the path to which this cookie applies. If you don't specify a path, the cookie is returned for all URLs in the same directory as the current page as well as all subdirectories. This method can be used to specify something more general. For example, someCookie.setPath("/") specifies that all pages on the server should receive the cookie. Note that the path specified must include the current directory. Boolean getSecure() – Returns true if cookie must be sent using only secure protocol otherwise false Void setSecure (boolean secure) – That cookies will only send when protocol is secure. String getValue() / void setValue (string v) – Gets/sets the value associated with the cookie. Again, the name and the value are the two parts of a cookie that you almost always care about. getVersion/setVersion

8 Placing Cookies in the Response Headers The cookie is added to the Set-Cookie response header by means of the addCookie method of HttpServletResponse. Here's an example: Cookie userCookie = new Cookie("user", "uid1234"); response.addCookie(userCookie);

9 Set cookie import java.io.*; import java.net.*; import javax.servlet.*; import javax.servlet.http.*; public class CountLogin extends HttpServlet { Protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html”); PrintWriter out = response.getWriter(); String data = request.getParameter(“data”); Cookie c = new Cookie(“mycookie”,data); response. addCookie(c); }

10 Reading Cookies from the Client read the cookies that come back from the client, you call getCookies on the HttpServletRequest. Cookie[] c = request.getCookies(); if( (c != null) && ( c.lehgth > 0)) { for(int i=0; i

11 Get cookies import java.io.*; import java.net.*; import javax.servlet.*; import javax.servlet.http.*; public class CountLogin extends HttpServlet { Protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html”); PrintWriter out = response.getWriter(); Cookie[] c = request.getCookies(); for(i=0;i


Download ppt "Cookie in a servlet. Cookies are small bits of textual information that a Web server sends to a browser and that the browser returns unchanged when visiting."

Similar presentations


Ads by Google