1 Client Identification and Cookies Herng-Yow Chen.

Presentation transcript:

1 Client Identification and Cookies Herng-Yow Chen

2 Outline
- HTTP headers that carry information about user identification
- Client IP address tracking
- User login, using authentication to identify users
- Fat URLs, a technique for embedding identity in URLs
- Cookies, a technique for maintaining persistent state

3 HTTP Headers

| Header name | Header type | Description |
|---|---|---|
| From | Request | User's e-mail address |
| User-Agent | Request | User's browser software |
| Referer | Request | Page user came from by following link |
| Authorization | Request | Username and password (discussed later) |
| Client-ip | Extension (Request) | Client's IP address (discussed later) |
| X-Forwarded-For | Extension (Request) | Client's IP address (discussed later) |
| Cookie | Extension (Request) | Server-generated ID label (discussed later) |

4 Client IP Address
[Diagram: client, proxy server, server; the forwarded request carries the headers Client-ip: and X-Forwarded-For:]
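
Added example, not part of the original slides: Client-ip and X-Forwarded-For are ordinary request headers that any client can set, so a server should only believe the entries appended by proxies it operates. This Python sketch walks X-Forwarded-For from right to left and stops at the first hop outside the trusted range; the `TRUSTED_PROXIES` range and the function names are assumptions made for the illustration.

```python
import ipaddress

# Assumption for this example: the proxies we operate live in this range.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]

def is_trusted(addr):
    """True if addr parses as an IP inside a trusted proxy range."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
    return any(ip in net for net in TRUSTED_PROXIES)

def client_ip(peer_addr, headers):
    """Return the address a request should be attributed to.

    peer_addr is the TCP peer address; headers maps lower-cased
    header names to their values.
    """
    # The request did not arrive through one of our proxies:
    # whatever the header says was written by the client itself.
    if not is_trusted(peer_addr):
        return peer_addr
    raw = headers.get("x-forwarded-for", "")
    hops = [h.strip() for h in raw.split(",") if h.strip()]
    # Each proxy appends the address it received the request from, so
    # the right-most entries are the ones our own proxies wrote.
    for hop in reversed(hops):
        try:
            if not is_trusted(hop):
                return hop
        except ValueError:
            # Malformed entry: nothing to its left can be verified.
            return peer_addr
    # Every hop was one of ours (internal client), or no header at all.
    return hops[0] if hops else peer_addr
```

Entries to the left of the first untrusted hop are kept for logging at most; they never decide access control or rate limiting.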

5 User Login
(a) Request, client to server:
    GET /index.html HTTP/1.0
    Host:
(b) Response, server to client:
    HTTP/ Login Required
    WWW-authenticate: Basic realm="Plumbing and Fixtures"

6 User Login
(c) Request, client to server:
    GET /index.html HTTP/1.0
    Host:
    Authorization: Basic am910jrmdw4=
(d) Response, server to client:
    HTTP/ OK
    Content-length: 4342
    Content-type: text/html
    …

7 Cookie Jar: Client-Side State
(a) Request, client to server:
    GET /index.html HTTP/1.0
    Host:
(b) Response, server to client (Set-Cookie); the client stores id=34294 in its cookie jar:
    HTTP/ OK
    Set-cookie: id=" "; domain=" "
    Content-type: text/html
    Content-length: 1903
    …
(c) Later request, client to server (Cookie):
    GET /index.html HTTP/1.0
    Host:
    Cookie: id=" "

8 Different Cookies for Different Sites
- Can open MSIE cookies in a text viewer program
- Each cookie file has cookies for a particular site; the cookies are stored in text lines, one after the other
- Cookie fields shown: Name="session-id-time", Value=" ", Domain/path="amazon.com"
- Proprietary format for other attributes

9 Cookie Ingredients

| Title | Description | Location |
|---|---|---|
| Persistent Client State: HTTP Cookies | Original Netscape cookie standard | wsref/std/cookie_spec.html |
| RFC 2965: HTTP State Management Mechanism | October 2000 cookie standard, obsoletes RFC | txt |

10 Version 0 Set-Cookie header
- NAME=VALUE
- Expires
- Domain
- Path
- Secure
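
Added example, not part of the original slides: how the Version 0 attributes listed above decide which cookies a client returns to which site. The host names, cookie values and function names are constructed for the illustration, and the default Path is simplified to "/" (the Netscape specification defaults it to the path of the document that set the cookie).

```python
from datetime import datetime, timezone

def parse_set_cookie(header_value, request_host):
    """Parse a Version 0 Set-Cookie value into a dict of its attributes."""
    first, *attrs = [p.strip() for p in header_value.split(";")]
    name, _, value = first.partition("=")
    # Assumption: default Path is "/"; without Domain the cookie is host-only.
    cookie = {"name": name, "value": value, "domain": request_host.lower(),
              "host_only": True, "path": "/", "secure": False, "expires": None}
    for attr in attrs:
        key, _, arg = attr.partition("=")
        key, arg = key.strip().lower(), arg.strip()
        if key == "secure":
            cookie["secure"] = True
        elif key == "path":
            cookie["path"] = arg
        elif key == "domain":
            cookie["domain"], cookie["host_only"] = arg.lstrip(".").lower(), False
        elif key == "expires":
            # "Wdy, DD-Mon-YYYY HH:MM:SS GMT"; the weekday is ignored.
            stamp = arg.split(",", 1)[-1].strip()
            cookie["expires"] = datetime.strptime(
                stamp, "%d-%b-%Y %H:%M:%S GMT").replace(tzinfo=timezone.utc)
    return cookie

def should_send(cookie, host, path, https, now):
    """Decide whether the client returns this cookie for one request."""
    host = host.lower()
    if cookie["expires"] is not None and cookie["expires"] <= now:
        return False  # Expires: stale cookies are dropped
    if cookie["secure"] and not https:
        return False  # Secure: never sent over plain HTTP
    if cookie["host_only"]:
        domain_ok = host == cookie["domain"]
    else:
        # Match on a label boundary so "notshop.example" fails "shop.example".
        domain_ok = (host == cookie["domain"]
                     or host.endswith("." + cookie["domain"]))
    # Version 0 path matching is a plain prefix test.
    return domain_ok and path.startswith(cookie["path"])

def cookie_header(jar, host, path, https, now):
    """Build the Cookie request header value from the jar."""
    return "; ".join(f'{c["name"]}={c["value"]}' for c in jar
                     if should_send(c, host, path, https, now))

# Constructed sample jar (not from the slides).
NOW = datetime(2002, 11, 6, tzinfo=timezone.utc)
JAR = [parse_set_cookie("session-id=abc; Path=/; Domain=.shop.example; "
                        "expires=Sunday, 10-Nov-2002 08:00:00 GMT", "www.shop.example"),
       parse_set_cookie("auth=xyz; Path=/account; Secure", "www.shop.example")]
```

A cookie set with a Domain attribute is returned to every host under that domain, while one set without it stays with the host that issued it.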

11 Version 1 (RFC 2965) Set-Cookie2 attributes
- NAME=VALUE
- Version
- Comment
- CommentURL
- Discard
- Domain
- Max-Age
- Path
- Port
- Secure

12 Cookies and Caching
(a) Request, client to server:
    GET / HTTP/1.0
    Host:
(b) Response, server to client:
    HTTP/ Found
    Location:
(c) Request, client to server:
    GET /exc/obidos/subst/home/redirect.html HTTP/1.0
    Host:
(d) Response, server to client:
    HTTP/ Found
    Date: Wed, 05 Nov :05:19 GMT
    Set-Cookie: session-id= ; Path=/; Domain=.amazon.com; expires=Sunday, 10-Nov :00:00 GMT
    Set-Cookie: session-id-time= ; Path=/; Domain=.amazon.com; expires=Sunday, 10-Nov :00:00 GMT

13 Cookies and Caching
(e) Request, client to server:
    GET /exc/obidos/subst/home/redirect.html/ HTTP/1.0
    Host:
    Cookie: session-id= ; session-id-time=
(f) Response, server to client:
    HTTP/ Found
    Date: Wed, 05 Nov :30:55 GMT
    Set-Cookie: ubid-main= ; Path=/; Domain=.amazon.com; expires=Tuesday, 10-Nov :00:01 GMT
    Set-Cookie: x-main="hQ...bf"; Path=/; Domain=.amazon.com; expires=Tuesday, 10-Nov :00:01 GMT
    Location:

14 Cookies and Caching
(g) Request, client to server:
    GET /exc/obidos/subst/home/redirect.html/ HTTP/1.0
    Host:
    Cookie: session-id= ; session-id-time= ; ubid-main= ; x-main="hQ...bf"
(h) Response, server to client: [not in transcript]

15 For More Information
- Cookies, Simon St.Laurent, McGraw-Hill
- HTTP State Management Mechanism
- Use of HTTP State Management
- "Persistent Client State: HTTP Cookies"