Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Client Identification and Cookies Herng-Yow Chen.

Similar presentations


Presentation on theme: "1 Client Identification and Cookies Herng-Yow Chen."— Presentation transcript:

1 1 Client Identification and Cookies Herng-Yow Chen

2 2 Outline HTTP headers that carry information about user identification Client IP addressing tracking User login, using authentication to identify users Fat URLs, a technique for embedding identify in URLs Cookies, a technique for maintaining persistent state

3 3 HTTP Headers Header nameHeader typeDescription FormRequestUser ’ s email address User-AgentRequestUser ’ s browser software RefererRequestPage user came from by following link AuthorizationRequestUsername and password(discussed later) Client-ipExtension(Request)Client ’ s IP address(discussed later) X-Forwarder-ForExtension(Request)Client ’ s IP address(discussed later) CookieExtension(Request)Server-generated ID label(discussed later)

4 4 Client IP Address serverclient Proxy server 56.41.11.4 Client-ip:56.41.11.4 X-Forwarded-For:209.172.34.56 209.172.34.56

5 5 User Login (a) (b) server client Internet GET /index.html HTTP/1.0 Host: www.joes-hardware.com server client Internet HTTP/1.0 401 Login Required WWW-authenticate: Basic realm="Plumbing and Fixtures"

6 6 User Login (c) (d) server client Internet GET /index.html HTTP/1.0 Host: www.joes-hardware.com Authorization: Basic am910jrmdw4= server client Internet HTTP/1.0 200 OK Content-length: 4342 Content-type: text/html …

7 7 Cookie Jar: Client-Side State server client (a) (b) (c) server client Internet GET /index.html HTTP/1.0 Host: www.ncnu.edu.tw HTTP/1.0 200 OK Set-cookie: id= “ 34294 ” ; domain= “ www.ncnu.edu.tw ” Content-type: text/html Content-length: 1903 … Id=34294 Internet Cookie Set-Cookie GET /index.html HTTP/1.0 Host: www.ncnu.edu.tw Cookie: id= “ 34294 ”

8 8 Different Cookies for Different Sites Can open MISE cookies in A text viewer program Name= “ session-id-time “ Value= “ 1068624000 ” Domain/path= “ amazon.com ” Proprietary format for Other attributes Coookie Each cookie file has cookies For a particular site;the cookies Are stored in text lines,one after The other

9 9 Cookie Ingredients TitleDescriptionLocation Persistent Client State: HTTP Cookies Original Netscape cookie standard http://home.netscape.com/ne wsref/std/cookie_spec.html RFC2965:HTTP State Management Mechanism October 2000 cookie standard, obsoletes RFC2109 http://www.ietf.org/rfc/rfc296 5.txt

10 10 Version 0 Set-Cookie header MAME=VALUE Expires Domain Path Secure

11 11 Version1(RFC 2965) Set-Cookie2 attributes NAME=VALUE Version Comment CommentURL Discard Domain Max-Age Path Port Secure

12 12 Cookies and Caching server client GET / HTTP/1.0 Host: www.amazon.com Http/1.1 302 Found Location: http://www.amazon.com:80/exc/obidos/subst/home/redirect.html GET /exc/obidos/subst/home/redirect.html HTTP/1.0 Host: www.amazon.com HTTP/1.1 302 Found Date: Wed, 05 Nov 2003 14:05:19 GMT Set-Cookie: session-id=103-6021036-0351066; Path=/; Domain=.amazon.com; expires=Sunday, 10-Nov-2003 20:00:00 GMT Set-Cookie: session-id-time=1068624000; Path=/; Domain=.amazon.com; expires=Sunday, 10-Nov-2003 20:00:00 GMT (a) (b) (c) (d)

13 13 Cookies and Caching client GET /exc/obidos/subst/home/redirect.html/103-6021036-0351066 HTTP/1.0 Host: www.amazon.com Cookie: session-id=103-6021036-0351066; session-id-time=1068624000 HTTP/1.1 302 Found Date: Wed, 05 Nov 2003 14:30:55 GMT Set-Cookie: ubid-main=430-2474191-8563948; Path=/; Domain=.amazon.com; expires=Tuesday, 10-Nov-2035 20:00:01 GMT Set-Cookie: x-main="hQ...bf"; Path=/; Domain=.amazon.com; expires=Tuesday, 10-Nov-2035 20:00:01 GMT Location: http://www.amazon.com/exec/obidos/subst/home/home.html/103-6021036-0351066 server (e) (f)

14 14 Cookies and Caching GET /exc/obidos/subst/home/redirect.html/103-6021036-0351066 HTTP/1.0 Host: www.amazon.com Cookie: session-id=103-6021036-0351066; session-id-time=1068624000; ubid-main=430-2474191-8563948; x-main="hQ...bf" client server (g) (h)

15 15 For More Information Cookies Simon St.Laurent,McGraw-Hill http://www.ietf.org/rfc/rfc2965.txt HTTP State Management Mechanism http://www.ietf.org/rfc/rfc2964.txt Use of HTTP State Management http://home.netscape.com/newsref/std/cookie_spec.html “ PERSISTENT CLIENT STATE:HTTP COOKIES “


Download ppt "1 Client Identification and Cookies Herng-Yow Chen."

Similar presentations


Ads by Google