Specifically, cookies are saved on the "client", and sessions are saved on the "server".
Cookies are implemented as an extension of the HTTP protocol.
A cookie mainly consists of a name, value, expiration time, path and domain.
If no lifetime is set for a cookie, it disappears when the browser is closed. Such a cookie is generally stored in memory rather than on the hard disk. If a lifetime is set, the cookie does not disappear when the browser closes; it remains valid until the set expiration time has passed.
A session saves information in a structure similar to a hash table.
When the program needs to create a session for a client's request, the server first checks whether the request contains a session identifier (called the session id). If it does, a session has already been created for this client, and the server retrieves that session by its session id and uses it (if it cannot be retrieved, a new one is created). If the client request does not contain a session id, the server creates a session for this client and generates a session id associated with it. The value of the session id should be a string that is neither repeated nor easy to find a pattern in. The session id is returned to the client in this response for the client to save. The session id can be saved in a cookie, so that the browser automatically sends the identifier to the server. Generally, the name of this cookie is similar to SESSIONID. But cookies can be disabled by the user, so there must be other mechanisms so that the session id can still be passed back to the server when cookies are disabled.
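The lookup-or-create flow described above, as an added example that is not code from the original article. The cookie name `SESSIONID`, the in-memory dictionary and the function names are assumptions made for illustration.

```python
import secrets
from http.cookies import SimpleCookie, CookieError

COOKIE_NAME = "SESSIONID"  # assumed name; the article only says "similar to SESSIONID"
SESSIONS = {}              # server-side store (hash table): session id -> session data


def new_session_id():
    # 32 bytes from the OS CSPRNG: not repeated in practice, no pattern to find
    return secrets.token_urlsafe(32)


def get_or_create_session(cookie_header):
    """Return (session_id, session_data, set_cookie_value or None)."""
    jar = SimpleCookie()
    try:
        jar.load(cookie_header or "")
    except CookieError:
        jar = SimpleCookie()  # malformed header: treat as "no session id sent"

    morsel = jar.get(COOKIE_NAME)
    sid = morsel.value if morsel else None

    # Request carries an id the server knows: retrieve and use that session.
    if sid in SESSIONS:
        return sid, SESSIONS[sid], None

    # No id, or an id that cannot be retrieved: create a new session.
    # The value the client sent is never adopted as the new id.
    sid = new_session_id()
    SESSIONS[sid] = {}

    out = SimpleCookie()
    out[COOKIE_NAME] = sid
    out[COOKIE_NAME]["path"] = "/"
    out[COOKIE_NAME]["httponly"] = True   # not readable from page scripts
    out[COOKIE_NAME]["secure"] = True     # only sent over HTTPS
    out[COOKIE_NAME]["samesite"] = "Lax"
    # No expiry is set, so the browser keeps it in memory until it closes.
    return sid, SESSIONS[sid], out[COOKIE_NAME].OutputString()


if __name__ == "__main__":
    sid, data, header = get_or_create_session(None)          # first visit
    print("Set-Cookie:", header)
    data["user"] = "alice"                                   # constructed sample data
    print(get_or_create_session(f"{COOKIE_NAME}={sid}")[1])  # later request
```
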
Pros and cons:
1. Cookie data is stored in the client's browser, and session data is stored on the server.
2. Cookies are not very secure. Others can analyze the cookies stored locally and perform cookie spoofing. Where security is the concern, sessions should be used.
3. A session is kept on the server for a certain period of time. As the number of visits grows, sessions take up more of the server's performance. Where reducing the load on the server is the concern, cookies should be used.
4. The data saved in a single cookie cannot exceed 4K. Many browsers restrict a site to saving at most 20 cookies.
5. So my personal suggestions:
Store important information such as login information in the session.
Other information can be placed in a cookie if it needs to be retained.