Cookie
HTTP Cookie(也叫 Web Cookie 或浏览器 Cookie)是服务器发送到用户浏览器并保存在本地的一小块数据,它会在浏览器下次向同一服务器再发起请求时被携带并发送到服务器上。通常,它用于告知服务端两个请求是否来自同一浏览器,如保持用户的登录状态。
会话跟踪技术
原理图
Cookie
Cookie基本使用
创建web项目
- 创建webapp骨架项目
- 导入pom.xml坐标
- 创建java和resources目录
发送Cookie案例
编写Servlet
package com.taotao.web;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;/*** create by 刘鸿涛* 2022/4/1 13:29*/@WebServlet("/aServlet")public class AServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {//发送Cookie//1.创建Cookie对象 键、对值Cookie cookie = new Cookie("username","taotao");//2.发送Cookie,responseresp.addCookie(cookie);}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {this.doGet(req, resp);}}
运行测试-发送Cookie
得到Cookie案例
编写Servlet
package com.taotao.web;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;/*** create by 刘鸿涛* 2022/4/1 13:29*/@WebServlet("/bServlet")@SuppressWarnings({"all"})public class BServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {//获取Cookie//获取Cookie数组Cookie[] cookies = req.getCookies();//遍历数组for (Cookie cookie: cookies) {//获取数据String name = cookie.getName();if("username".equals(name)){String value = cookie.getValue();System.out.println(name + " :" + value);}break;}}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {this.doGet(req, resp);}}
运行测试-获取Cookie
:::info
先访问aServlet发送cookie
:::
:::info
访问bServlet得到发送的cookie
:::
Cookie原理
响应头set-cookie
Cookie使用细节
cookie存活时间
:::info 设置cookie存活时间,可以让cookie驻留在电脑硬盘上 :::
编写aServlet
package com.taotao.web;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;/*** create by 刘鸿涛* 2022/4/1 13:29*/@WebServlet("/aServlet")public class AServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {//发送Cookie//1.创建Cookie对象 键、对值Cookie cookie = new Cookie("username","taotao");//设置cookie的存活时间 1周7天cookie.setMaxAge(60*60*24*7); //单位为秒s//2.发送Cookie,responseresp.addCookie(cookie);}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {this.doGet(req, resp);}}
运行测试
:::info
先访问aServlet,然后关闭浏览器
:::
:::info
再次打开浏览器,访问bServlet,发现可以得到cookie
:::
查看电脑硬盘存在的cookie
Cookie存储中文
默认存储中文报错
进行转码:URL编码
package com.taotao.web;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;import java.net.URLEncoder;/*** create by 刘鸿涛* 2022/4/1 13:29*/@WebServlet("/aServlet")public class AServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {//发送Cookie//1.创建Cookie对象 键、对值String value = "涛涛";//URL编码value = URLEncoder.encode(value, "UTF-8");System.out.println("存储数据:" + value);Cookie cookie = new Cookie("username",value);//设置cookie的存活时间 1周7天cookie.setMaxAge(60*60*24*7); //单位为秒s//2.发送Cookie,responseresp.addCookie(cookie);}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {this.doGet(req, resp);}}
测试运行
进行解码:UT8-8
package com.taotao.web;import javax.servlet.ServletException;import javax.servlet.annotation.WebServlet;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException;import java.net.URLDecoder;/*** create by 刘鸿涛* 2022/4/1 13:29*/@WebServlet("/bServlet")@SuppressWarnings({"all"})public class BServlet extends HttpServlet {@Overrideprotected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {//获取Cookie//获取Cookie数组Cookie[] cookies = req.getCookies();//遍历数组for (Cookie cookie: cookies) {//获取数据String name = cookie.getName();if(name.equals("username")){String value = cookie.getValue();//URL解码value = URLDecoder.decode(value, "UTF-8");System.out.println(name + " :" + value);break;}}}@Overrideprotected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {this.doGet(req, resp);}}
测试运行
Cookie自我理解
cookie的实现是基于HTTP协议的
学了这个cookie,感觉可有意思,还可以设置生命周期
感觉这个cookie中插入点木马病毒,应该也是可以的,
也就是说,只要你们用完浏览器不清除某个站点请求的cookie,那么,那个站点就有可能攻击你
若有收获,就点个赞吧
0 人点赞
