Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Client Identification and Cookies Herng-Yow Chen.

Published byDillan Gidden Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Client Identification and Cookies Herng-Yow Chen."— Presentation transcript:

1 1 Client Identification and Cookies Herng-Yow Chen

2 2 Outline HTTP headers that carry information about user identification Client IP addressing tracking User login, using authentication to identify users Fat URLs, a technique for embedding identify in URLs Cookies, a technique for maintaining persistent state

3 3 HTTP Headers Header nameHeader typeDescription FormRequestUser ’ s email address User-AgentRequestUser ’ s browser software RefererRequestPage user came from by following link AuthorizationRequestUsername and password(discussed later) Client-ipExtension(Request)Client ’ s IP address(discussed later) X-Forwarder-ForExtension(Request)Client ’ s IP address(discussed later) CookieExtension(Request)Server-generated ID label(discussed later)

4 4 Client IP Address serverclient Proxy server 56.41.11.4 Client-ip:56.41.11.4 X-Forwarded-For:209.172.34.56 209.172.34.56

5 5 User Login (a) (b) server client Internet GET /index.html HTTP/1.0 Host: www.joes-hardware.com server client Internet HTTP/1.0 401 Login Required WWW-authenticate: Basic realm="Plumbing and Fixtures"

6 6 User Login (c) (d) server client Internet GET /index.html HTTP/1.0 Host: www.joes-hardware.com Authorization: Basic am910jrmdw4= server client Internet HTTP/1.0 200 OK Content-length: 4342 Content-type: text/html …

7 7 Cookie Jar: Client-Side State server client (a) (b) (c) server client Internet GET /index.html HTTP/1.0 Host: www.ncnu.edu.tw HTTP/1.0 200 OK Set-cookie: id= “ 34294 ” ; domain= “ www.ncnu.edu.tw ” Content-type: text/html Content-length: 1903 … Id=34294 Internet Cookie Set-Cookie GET /index.html HTTP/1.0 Host: www.ncnu.edu.tw Cookie: id= “ 34294 ”

8 8 Different Cookies for Different Sites Can open MISE cookies in A text viewer program Name= “ session-id-time “ Value= “ 1068624000 ” Domain/path= “ amazon.com ” Proprietary format for Other attributes Coookie Each cookie file has cookies For a particular site;the cookies Are stored in text lines,one after The other

9 9 Cookie Ingredients TitleDescriptionLocation Persistent Client State: HTTP Cookies Original Netscape cookie standard http://home.netscape.com/ne wsref/std/cookie_spec.html RFC2965:HTTP State Management Mechanism October 2000 cookie standard, obsoletes RFC2109 http://www.ietf.org/rfc/rfc296 5.txt

10 10 Version 0 Set-Cookie header MAME=VALUE Expires Domain Path Secure

11 11 Version1(RFC 2965) Set-Cookie2 attributes NAME=VALUE Version Comment CommentURL Discard Domain Max-Age Path Port Secure

12 12 Cookies and Caching server client GET / HTTP/1.0 Host: www.amazon.com Http/1.1 302 Found Location: http://www.amazon.com:80/exc/obidos/subst/home/redirect.html GET /exc/obidos/subst/home/redirect.html HTTP/1.0 Host: www.amazon.com HTTP/1.1 302 Found Date: Wed, 05 Nov 2003 14:05:19 GMT Set-Cookie: session-id=103-6021036-0351066; Path=/; Domain=.amazon.com; expires=Sunday, 10-Nov-2003 20:00:00 GMT Set-Cookie: session-id-time=1068624000; Path=/; Domain=.amazon.com; expires=Sunday, 10-Nov-2003 20:00:00 GMT (a) (b) (c) (d)

13 13 Cookies and Caching client GET /exc/obidos/subst/home/redirect.html/103-6021036-0351066 HTTP/1.0 Host: www.amazon.com Cookie: session-id=103-6021036-0351066; session-id-time=1068624000 HTTP/1.1 302 Found Date: Wed, 05 Nov 2003 14:30:55 GMT Set-Cookie: ubid-main=430-2474191-8563948; Path=/; Domain=.amazon.com; expires=Tuesday, 10-Nov-2035 20:00:01 GMT Set-Cookie: x-main="hQ...bf"; Path=/; Domain=.amazon.com; expires=Tuesday, 10-Nov-2035 20:00:01 GMT Location: http://www.amazon.com/exec/obidos/subst/home/home.html/103-6021036-0351066 server (e) (f)

14 14 Cookies and Caching GET /exc/obidos/subst/home/redirect.html/103-6021036-0351066 HTTP/1.0 Host: www.amazon.com Cookie: session-id=103-6021036-0351066; session-id-time=1068624000; ubid-main=430-2474191-8563948; x-main="hQ...bf" client server (g) (h)

15 15 For More Information Cookies Simon St.Laurent,McGraw-Hill http://www.ietf.org/rfc/rfc2965.txt HTTP State Management Mechanism http://www.ietf.org/rfc/rfc2964.txt Use of HTTP State Management http://home.netscape.com/newsref/std/cookie_spec.html “ PERSISTENT CLIENT STATE:HTTP COOKIES “

Download ppt "1 Client Identification and Cookies Herng-Yow Chen."

Similar presentations

HTTP HyperText Transfer Protocol. HTTP Uses TCP as its underlying transport protocol Uses port 80 Stateless protocol (i.e. HTTP Server maintains no information.

HTTP HyperText Transfer Protocol. HTTP Uses TCP as its underlying transport protocol Uses port 80 Stateless protocol (i.e. HTTP Server maintains no information.
HyperText Transfer Protocol (HTTP)

HyperText Transfer Protocol (HTTP)
6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?

6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?
Application Layer-11 CSE401N: Computer Networks Lecture-4 Application Layer Overview HTTP.

Application Layer-11 CSE401N: Computer Networks Lecture-4 Application Layer Overview HTTP.
HTTP – HyperText Transfer Protocol

HTTP – HyperText Transfer Protocol
Web basics HTTP –http://www.ietf.org/rfc/rfc2616.txt –http://www2002.org/CDROM/refereed/444/ URI/L/Ns –http://www.ietf.org/rfc/rfc2396.txt HTML –http://www.w3.org/TR/html401/

Web basics HTTP – – URI/L/Ns – HTML –
1 Internet Privacy - At Home and At Work: A Tutorial Presented by Dr. Robert J. Boncella Professor of CIS CIS Department and School of Business Washburn.

1 Internet Privacy - At Home and At Work: A Tutorial Presented by Dr. Robert J. Boncella Professor of CIS CIS Department and School of Business Washburn.
HyperText Transfer Protocol (HTTP) Computer Networks Computer Networks Spring 2012 Spring 2012.

HyperText Transfer Protocol (HTTP) Computer Networks Computer Networks Spring 2012 Spring 2012.
HTTP Hypertext Transfer Protocol. HTTP messages HTTP is the language that web clients and web servers use to talk to each other –HTTP is largely “under.

HTTP Hypertext Transfer Protocol. HTTP messages HTTP is the language that web clients and web servers use to talk to each other –HTTP is largely “under.
How the web works: HTTP and CGI explained

How the web works: HTTP and CGI explained
Cornell CS502 Web Basics and Protocols CS 502 – 20020129 Carl Lagoze Acks to McCracken Syracuse Univ.

Cornell CS502 Web Basics and Protocols CS 502 – Carl Lagoze Acks to McCracken Syracuse Univ.
HTTP Cookie CSC 667/867. PERSISTENT CLIENT STATE HTTP COOKIES Cookies are a general mechanism which server side connections (such as CGI scripts) can.

HTTP Cookie CSC 667/867. PERSISTENT CLIENT STATE HTTP COOKIES Cookies are a general mechanism which server side connections (such as CGI scripts) can.
9/16/2003-9/18/2003 The Application Layer and Java Programming September 16-18, 2003.

9/16/2003-9/18/2003 The Application Layer and Java Programming September 16-18, 2003.
Web, HTTP and Web Caching

Web, HTTP and Web Caching
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
2/9/2004 Web and HTTP February 9, 2004. 2/9/2004 Assignments Due – Reading and Warmup Work on Message of the Day.

2/9/2004 Web and HTTP February 9, /9/2004 Assignments Due – Reading and Warmup Work on Message of the Day.
Hypertext Transport Protocol CS - 328 Dick Steflik.

Hypertext Transport Protocol CS Dick Steflik.
Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP does not maintain state. State Information can be passed using: HTTP Headers.

Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP does not maintain state. State Information can be passed using: HTTP Headers.
 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.

 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.
Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as e-mail.

Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as .

Similar presentations

Ads by Google