Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Client Identification and Cookies Herng-Yow Chen.

Similar presentations


Presentation on theme: "1 Client Identification and Cookies Herng-Yow Chen."— Presentation transcript:

1 1 Client Identification and Cookies Herng-Yow Chen

2 2 Outline HTTP headers that carry information about user identification Client IP addressing tracking User login, using authentication to identify users Fat URLs, a technique for embedding identify in URLs Cookies, a technique for maintaining persistent state

3 3 HTTP Headers Header nameHeader typeDescription FormRequestUser ’ s address User-AgentRequestUser ’ s browser software RefererRequestPage user came from by following link AuthorizationRequestUsername and password(discussed later) Client-ipExtension(Request)Client ’ s IP address(discussed later) X-Forwarder-ForExtension(Request)Client ’ s IP address(discussed later) CookieExtension(Request)Server-generated ID label(discussed later)

4 4 Client IP Address serverclient Proxy server Client-ip: X-Forwarded-For:

5 5 User Login (a) (b) server client Internet GET /index.html HTTP/1.0 Host: server client Internet HTTP/ Login Required WWW-authenticate: Basic realm="Plumbing and Fixtures"

6 6 User Login (c) (d) server client Internet GET /index.html HTTP/1.0 Host: Authorization: Basic am910jrmdw4= server client Internet HTTP/ OK Content-length: 4342 Content-type: text/html …

7 7 Cookie Jar: Client-Side State server client (a) (b) (c) server client Internet GET /index.html HTTP/1.0 Host: HTTP/ OK Set-cookie: id= “ ” ; domain= “ ” Content-type: text/html Content-length: 1903 … Id=34294 Internet Cookie Set-Cookie GET /index.html HTTP/1.0 Host: Cookie: id= “ ”

8 8 Different Cookies for Different Sites Can open MISE cookies in A text viewer program Name= “ session-id-time “ Value= “ ” Domain/path= “ amazon.com ” Proprietary format for Other attributes Coookie Each cookie file has cookies For a particular site;the cookies Are stored in text lines,one after The other

9 9 Cookie Ingredients TitleDescriptionLocation Persistent Client State: HTTP Cookies Original Netscape cookie standard wsref/std/cookie_spec.html RFC2965:HTTP State Management Mechanism October 2000 cookie standard, obsoletes RFC txt

10 10 Version 0 Set-Cookie header MAME=VALUE Expires Domain Path Secure

11 11 Version1(RFC 2965) Set-Cookie2 attributes NAME=VALUE Version Comment CommentURL Discard Domain Max-Age Path Port Secure

12 12 Cookies and Caching server client GET / HTTP/1.0 Host: Http/ Found Location: GET /exc/obidos/subst/home/redirect.html HTTP/1.0 Host: HTTP/ Found Date: Wed, 05 Nov :05:19 GMT Set-Cookie: session-id= ; Path=/; Domain=.amazon.com; expires=Sunday, 10-Nov :00:00 GMT Set-Cookie: session-id-time= ; Path=/; Domain=.amazon.com; expires=Sunday, 10-Nov :00:00 GMT (a) (b) (c) (d)

13 13 Cookies and Caching client GET /exc/obidos/subst/home/redirect.html/ HTTP/1.0 Host: Cookie: session-id= ; session-id-time= HTTP/ Found Date: Wed, 05 Nov :30:55 GMT Set-Cookie: ubid-main= ; Path=/; Domain=.amazon.com; expires=Tuesday, 10-Nov :00:01 GMT Set-Cookie: x-main="hQ...bf"; Path=/; Domain=.amazon.com; expires=Tuesday, 10-Nov :00:01 GMT Location: server (e) (f)

14 14 Cookies and Caching GET /exc/obidos/subst/home/redirect.html/ HTTP/1.0 Host: Cookie: session-id= ; session-id-time= ; ubid-main= ; x-main="hQ...bf" client server (g) (h)

15 15 For More Information Cookies Simon St.Laurent,McGraw-Hill HTTP State Management Mechanism Use of HTTP State Management “ PERSISTENT CLIENT STATE:HTTP COOKIES “


Download ppt "1 Client Identification and Cookies Herng-Yow Chen."

Similar presentations


Ads by Google