1.声明
本文属于个人理解,如果觉得理解有误的话还请各位指出。
2.问题描述
cookie是什么?servlet中cookie是什么?servlet中如何设置cookie?什么时候会设置cookie?为什么第一次访问jsp页面会设置一个cookie?为什么HttpServletRquest.getSession();会设置一个JSESSIONID的cookie?
3.什么是cookie?
cookie 严格来讲是http cookie。cookie是http状态管理的原理。rfc6365规范
4.servlet中cookie是什么?servlet如何设置cookie?
在Servlet中javax.servlet.http.Cookie就是http cookie的实现。
servlet中如何设置cookie?
参考:
A simple cookie example in servlet——mkyong
5.什么时候会设置cookie?
一般会在访问网站的首页即域名指向的页面,如访问www.oschina.net,会设置如下cookie
Cache-Control:no-cache
Connection:keep-alive
Content-Encoding:gzip
Content-Type:text/html;charset=UTF-8
Date:Sat, 29 Oct 2016 07:15:49 GMT
Pragma:no-cache
Server:Qnginx/1.2.0
Set-Cookie:_user_behavior_=d4d09369-debd-459e-be95-5eb7acb38477; Domain=.oschina.net; Expires=Sun, 29-Oct-2017 07:15:49 GMT; Path=/; HttpOnly
Transfer-Encoding:chunked
Vary:Accept-Encoding
X-NWS-LOG-UUID:1877b550-129c-406d-8252-83bf00fb05c8
也有可能在登入成功后设置一些cookie,oschina登入成功后会添加 oscid的cookie
6.为什么第一次访问jsp页面会设置一个cookie?
这里所说的第一次是指当客户端浏览器与服务端还没有建立回话或者回话超时。如果jsp没有显示的使用<%@page Session=”false”%>
关闭session的话,则jsp页面默认都是开启Session的,也就是jsp存在session内置对象的原因。
参考:
也可以到tomcat下看下jsp生成的对应的Servlet,关键代码如下
- 设置
<%@page Session=”true”%>
或者不设值
public void _jspService(final javax.servlet.http.HttpServletRequest request, final javax.servlet.http.HttpServletResponse response)
throws java.io.IOException, javax.servlet.ServletException {
final java.lang.String _jspx_method = request.getMethod();
if (!"GET".equals(_jspx_method) && !"POST".equals(_jspx_method) && !"HEAD".equals(_jspx_method) && !javax.servlet.DispatcherType.ERROR.equals(request.getDispatcherType())) {
response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, "JSPs only permit GET POST or HEAD");
return;
}
final javax.servlet.jsp.PageContext pageContext;
javax.servlet.http.HttpSession session = null;
final javax.servlet.ServletContext application;
final javax.servlet.ServletConfig config;
javax.servlet.jsp.JspWriter out = null;
final java.lang.Object page = this;
javax.servlet.jsp.JspWriter _jspx_out = null;
javax.servlet.jsp.PageContext _jspx_page_context = null;
try {
response.setContentType("text/html;charset=UTF-8");
pageContext = _jspxFactory.getPageContext(this, request, response,
null, true, 8192, true);//第五个参数true启用session
_jspx_page_context = pageContext;
application = pageContext.getServletContext();
config = pageContext.getServletConfig();
session = pageContext.getSession();//这个其实调用的就是HttpServletRquest.getSession();
out = pageContext.getOut();
_jspx_out = out;
out.write("\n");
out.write("\n");
out.write("<html>\n");
out.write("<head>\n");
out.write(" <title>$Title$</title>\n");
out.write("</head>\n");
out.write("<body>\n");
out.write("$END$\n");
out.write("</body>\n");
out.write("</html>\n");
} catch (java.lang.Throwable t) {
if (!(t instanceof javax.servlet.jsp.SkipPageException)){
out = _jspx_out;
if (out != null && out.getBufferSize() != 0)
try {
if (response.isCommitted()) {
out.flush();
} else {
out.clearBuffer();
}
} catch (java.io.IOException e) {}
if (_jspx_page_context != null) _jspx_page_context.handlePageException(t);
else throw new ServletException(t);
}
} finally {
_jspxFactory.releasePageContext(_jspx_page_context);
}
}
- 设置
<%@page Session=”false”%>
public void _jspService(final javax.servlet.http.HttpServletRequest request, final javax.servlet.http.HttpServletResponse response)
throws java.io.IOException, javax.servlet.ServletException {
final java.lang.String _jspx_method = request.getMethod();
if (!"GET".equals(_jspx_method) && !"POST".equals(_jspx_method) && !"HEAD".equals(_jspx_method) && !javax.servlet.DispatcherType.ERROR.equals(request.getDispatcherType())) {
response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, "JSPs only permit GET POST or HEAD");
return;
}
final javax.servlet.jsp.PageContext pageContext;
final javax.servlet.ServletContext application;
final javax.servlet.ServletConfig config;
javax.servlet.jsp.JspWriter out = null;
final java.lang.Object page = this;
javax.servlet.jsp.JspWriter _jspx_out = null;
javax.servlet.jsp.PageContext _jspx_page_context = null;
try {
response.setContentType("text/html;charset=UTF-8");
pageContext = _jspxFactory.getPageContext(this, request, response,
null, false, 8192, true);//第五个参数false不启用session
_jspx_page_context = pageContext;
application = pageContext.getServletContext();
config = pageContext.getServletConfig();
//不会生成session = pageContext.getSession();
out = pageContext.getOut();
_jspx_out = out;
out.write("\n");
out.write("\n");
out.write("<\n");
out.write("<html>\n");
out.write("<head>\n");
out.write("<title>$Title$</title>\n");
out.write("</head>\n");
out.write("<body>$END$\n");
out.write("</body>\n");
out.write("</html>\n");
} catch (java.lang.Throwable t) {
if (!(t instanceof javax.servlet.jsp.SkipPageException)){
out = _jspx_out;
if (out != null && out.getBufferSize() != 0)
try {
if (response.isCommitted()) {
out.flush();
} else {
out.clearBuffer();
}
} catch (java.io.IOException e) {}
if (_jspx_page_context != null) _jspx_page_context.handlePageException(t);
else throw new ServletException(t);
}
} finally {
_jspxFactory.releasePageContext(_jspx_page_context);
}
}