Presentation is loading. Please wait.

Presentation is loading. Please wait.

Persistence Maintaining state using cookies and queries.

Published byRoland Cummings Modified over 8 years ago

Similar presentations

Presentation on theme: "Persistence Maintaining state using cookies and queries."— Presentation transcript:

1 Persistence Maintaining state using cookies and queries

2 State is the Problem What is state? facebook status mailbox flag conversations talking about what? talking to whom?

3 HTTP Protocol Stateless by design! Your machine & the server do not know What website you were on What you just did on the website Who you are page to page Each page is INDEPENDENT / SEPARATE

4 Why do you care? Maintain items in a shopping cart Website User Accounts Web Apps using more than ONE page Allow bookmarks of query results Polling, Statistics, Advertising

5 Top 2 Techniques URL Query Strings Cookies

6 Query string URL (Uniform Resource Locator) delineator character: ? location (http://google.com) query=”what is a cookie?” http://google.com?query=what%20is%2 0a%20cookie? http://google.com

7 write the right side of ? form tags’ names and values are converted into a URL query string onsubmit tag attributes containing URLs the DOM window.location object

8 demo Google

9 DOM location location.search = string of the ? side String object has methods! substring(), substr() split() is extremely useful!.length = # of how long string is location.search.substring(start,length);

10 Cookies AKA: tokens or tickets Browser stores a STRING of data for you Browser sends server STRING for every http connection it makes Server can send browser STRING to store as well

11 How does it work? Browser keeps STRING stored by website Sends STRING only to that website unless Temporary - dies when browser quits Expiration date passed Max string size of 4KB Max 20 cookies per server

12 document.cookie string object but HACKED strict complex formatting rules String object methods are needed string must be valid URL! encodeURI() & decodeURI() add / remove %## codes; %20 = space

13 Cookie attributes NOT an object (but should have been) so each “attribute” is formatted into the cookie string and the browser parses the info right back out again name=value; attribute=av; attribute2=av2

14 Expires attribute Date → specified in UTC format Weekday Mon DD HH:MM:SS Time Zone YYYY Set manually or Date object/methods Delete cookie: set date in the past

15

16 Path attribute Determines availability of cookie to other Web pages on a server Syntax: document.cookie = (“x=123“ + “;path=/MyFiles”); Use slash (/) to indicate root directory

17 Domain attribute Used for sharing cookies across multiple servers in the same domain Syntax: document.cookie = (“x=123“ + “; domain=.xyz.com”);

18 Secure attribute Indicates that a cookie can only be transmitted across a secure Internet connection using HTTPS or another security protocol Syntax document.cookie = (“x=123“ + “; secure=true”);

19 Reading Cookies Cookies are a string that must be parsed Decode cookie using decodeURI() method Use split() method to place each name=value pair into an array Use String object methods to extract required portions of each array element

20 Simple Example document.cookie= encodeURI("name=mycookie string; secure"); x = document.cookie x is name=mycookie%20string; oldname=oldcookie you may see cookies returned! use split()

21 DEMO

22 Security Queries are not secure Cookies are not secure Easily accessible and editable! Cookies can be set secure - browser will only send over HTTPS but are not that safe

Download ppt "Persistence Maintaining state using cookies and queries."

Similar presentations

CookiesPHPMay-2007 : [‹#›] Maintaining State in PHP Part I - Cookies.

CookiesPHPMay-2007 : [‹#›] Maintaining State in PHP Part I - Cookies.
UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)

UFCE8V-20-3 Information Systems Development 3 (SHAPE HK)
ECA 225 Applied Interactive Programming1 ECA 225 Applied Online Programming cookies.

ECA 225 Applied Interactive Programming1 ECA 225 Applied Online Programming cookies.
JavaScript Forms Form Validation Cookies. What JavaScript can do  Control document appearance and content  Control the browser  Interact with user.

JavaScript Forms Form Validation Cookies. What JavaScript can do  Control document appearance and content  Control the browser  Interact with user.
Lesson 8 Cookies. What is a cookie A little “tarball” of information stored on the client machine’s hard drive. –Usually in the cookies.txt file –information.

Lesson 8 Cookies. What is a cookie A little “tarball” of information stored on the client machine’s hard drive. –Usually in the cookies.txt file –information.
JavaScript Forms Form Validation Cookies CGI Programs.

JavaScript Forms Form Validation Cookies CGI Programs.
Web-based Application Development Lecture 20 April 4, 2006 Anita Raja.

Web-based Application Development Lecture 20 April 4, 2006 Anita Raja.
HTTP Cookie CSC 667/867. PERSISTENT CLIENT STATE HTTP COOKIES Cookies are a general mechanism which server side connections (such as CGI scripts) can.

HTTP Cookie CSC 667/867. PERSISTENT CLIENT STATE HTTP COOKIES Cookies are a general mechanism which server side connections (such as CGI scripts) can.
XP Tutorial 9 New Perspectives on JavaScript, Comprehensive1 Working with Cookies Managing Data in a Web Site Using JavaScript Cookies.

XP Tutorial 9 New Perspectives on JavaScript, Comprehensive1 Working with Cookies Managing Data in a Web Site Using JavaScript Cookies.
Chapter 10 Managing State Information PHP Programming with MySQL.

Chapter 10 Managing State Information PHP Programming with MySQL.
1 The World Wide Web. 2  Web Fundamentals  Pages are defined by the Hypertext Markup Language (HTML) and contain text, graphics, audio, video and software.

1 The World Wide Web. 2  Web Fundamentals  Pages are defined by the Hypertext Markup Language (HTML) and contain text, graphics, audio, video and software.
Objectives Learn about state information

Objectives Learn about state information
Chapter 9 Using Perl for CGI Programming. Computation is required to support sophisticated web applications Computation can be done by the server or the.

Chapter 9 Using Perl for CGI Programming. Computation is required to support sophisticated web applications Computation can be done by the server or the.
Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.

Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.
CHAPTER 12 COOKIES AND SESSIONS. INTRO HTTP is a stateless technology Each page rendered by a browser is unrelated to other pages – even if they are from.

CHAPTER 12 COOKIES AND SESSIONS. INTRO HTTP is a stateless technology Each page rendered by a browser is unrelated to other pages – even if they are from.
Chapter 16 The World Wide Web. 2 The Web An infrastructure of information combined and the network software used to access it Web page A document that.

Chapter 16 The World Wide Web. 2 The Web An infrastructure of information combined and the network software used to access it Web page A document that.
IT533 Lectures Session Management in ASP.NET. Session Tracking 2 Personalization Personalization makes it possible for e-businesses to communicate effectively.

IT533 Lectures Session Management in ASP.NET. Session Tracking 2 Personalization Personalization makes it possible for e-businesses to communicate effectively.
Cookies and Security Saving the “state”

Cookies and Security Saving the “state”
JavaScript, Fourth Edition

JavaScript, Fourth Edition
Working with Cookies Managing Data in a Web Site Using JavaScript Cookies* *Check and comply with the current legislation regarding handling cookies.

Working with Cookies Managing Data in a Web Site Using JavaScript Cookies* *Check and comply with the current legislation regarding handling cookies.

Similar presentations

Ads by Google