1.HttpServer
package simpleServer;
import java.io.*;
import java.net.ServerSocket;
import java.net.Socket;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
/**
* Description:
* @Date: 2020/1/14
* @Time: 20:08
*/
public class SimpleServer {
//简易版的http server V1 + 多线程 + 手动构建response 展示302 307 404效果
/**
* 端口号
*/
private static final int PORT = 9999;
/**
* 统一编码
*/
private static final String CHARSET = "UTF-8";
public static void main(String[] args) throws IOException {
ServerSocket serverSocket = new ServerSocket(PORT);
ExecutorService POOL = Executors.newCachedThreadPool();
try {
while (true) {
Socket socket = serverSocket.accept();
POOL.submit(new Runnable() {
@Override
public void run() {
try {
BufferedReader reader = new BufferedReader(
new InputStreamReader(socket.getInputStream()));
// 解析Http请求行
String httpLine = reader.readLine();
System.out.println("===" + httpLine);
String[] httpLineArray = httpLine.split(" ");
String requestMethod = httpLineArray[0];
String requestUri = httpLineArray[1];
String requestVersion = httpLineArray[2];
// 解析请求头
String requestHeader;
Map<String, String> headers = new HashMap<>();
while ((requestHeader = reader.readLine()) != null &&
requestHeader.length() != 0) {
String[] headerArray = requestHeader.split(":");
headers.put(headerArray[0].trim(), headerArray[1].trim());
}
PrintWriter writer = new PrintWriter(new OutputStreamWriter(
socket.getOutputStream(), CHARSET), true);
String content;
if ("/307".equals(requestUri)) {
writer.println("HTTP/1.1 307 Temporary Redirect");
writer.println("Location: http://45.40.254.164");
content = "";
} else if ("/404".equals(requestUri)) {
writer.println("HTTP/1.1 404 Not Found");
content = "<h1>没有找到资源</h1>";
} else {
writer.println("HTTP/1.1 200 OK");
content = "<h1>My Http Server</h1>";
}
writer.println("Content-Type: text/html; charset=utf-8");
writer.println("Content-Length: " + content.getBytes(CHARSET).length);
writer.println();
writer.println(content.toString());
socket.close();
} catch (Exception e) {
e.printStackTrace();
}
}
});
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
2.Cookie
cookie是一种在浏览器端解决的方案,将登陆认证之后的用户信息保存在本地浏览器中,后面每次发起http请求,都自动携带上该信息,就能达到认证用户,保持用户在线的作用。
设置cookie的方法在Http 的Response 报头中可以携带Set-Cookie 字段来完成。
3.Session
非敏感信息可以发送cookie,敏感信息保存在服务器本地,这个保存在服务器本地的机制就是session机制;
4.cookie vs session—会话保持
引入Cookie:因为HTTP无状态/没有会话保持;
引入Session:安全(cookie只保存非敏感信息)
Cookie以文本文件格式存储在浏览器中;
session存储在服务端;
因为每次发起 Http 请求,都要携带有效Cookie信息,所以Cookie一般都有大小限制,以防止增加网络压力,一般不超过4k;
可以轻松访问cookie值但是我们无法轻松访问会话值,因此session方案更安全;