http协议的无状态性
无状态是指:当浏览器发送请求给服务器的时候,服务器响应客户端请求。
但是当同一个浏览器再次发送请求给服务器的时候,服务器并不知道它就是刚才那个浏览器。
简单的说:就是服务器不会去记得你,所以就是无状态协议。
Cookie概述
保存用户的状态的两大机制
Session,Cookie
什么是Cookie?
Cookie:中文名称为“小甜饼”,是Web服务器保存在客户端的一系列文本信息。
典型应用一:判断注册用户是否已经登录网站。
典型应用二:“购物车”的处理。
Cookie的作用:
对特定对象的追踪保存用户网页浏览记录与习惯
简化登录
安全风险:容易泄露用户信息
JSP页面中创建与使用Cookie
创建Cookie对象
Cookie newCookie = new Cookie(String key,Object value);
写入Cookie对象
response.addCookie(newCookie);
读取Cookie对象
Cookie[] cookies= request.getCookies();
案例:Cookie在登录中的应用
login.jsp文件
<%@ page language="java" import="java.util.*,java.net.*" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<h1>用户登录</h1>
<hr>
<%
request.setCharacterEncoding("utf-8");
String username = "";
String password = "";
Cookie[] cookies = request.getCookies();
if (cookies != null && cookies.length > 0) {
for (Cookie c : cookies) {
if (c.getName().equals("username")) {
username= URLDecoder.decode(c.getValue(), "utf-8");
}
if(c.getName().equals("password")){
password = URLDecoder.decode(c.getValue(), "utf-8");
}
}
}
%>
<form name="loginForm" action="dologin.jsp" method="post">
<table>
<tr>
<td>用户名:</td>
<td><input type="text" name="username" value="<%=username %>" /></td>
</tr>
<tr>
<td>密码:</td>
<td><input type="password" name="password" value="<%=password %>" />
</tr>
<tr>
<td colspan="2"><input type="checkbox" name="isUseCookie" checked="checked" />十天内记住我的登录状态</td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" value="登录" /><input type="reset" value="取消" />
</tr>
<tr>
<td colspan="2" align="center">
</tr>
</table>
</form>
</body>
</html>
dologin.jsp文件
<%@ page language="java" import="java.util.*,java.net.*"
contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<!-- 使用URLEncoder必须导入java.net.* -->
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<h1>登录成功</h1>
<hr>
<br>
<br>
<br>
<br>
<%
request.setCharacterEncoding("utf-8");
//首先判断用户是否选择了记住登录状态
String[] isUseCookies = request.getParameterValues("isUseCookie");
if (isUseCookies != null && isUseCookies.length > 0) {
//把用户名和密码保存在Cookie对象里面
String username = URLEncoder.encode(request.getParameter("username"), "utf-8");
//使用URLEncoder解决无法在Cookie当中保存中文字符串问题
String password = URLEncoder.encode(request.getParameter("password"), "utf-8");
Cookie usernameCookie = new Cookie("username", username);
Cookie passwordCookie = new Cookie("password", password);
usernameCookie.setMaxAge(864000);
passwordCookie.setMaxAge(864000);//设置最大生存期限为10天
response.addCookie(usernameCookie);
response.addCookie(passwordCookie);
} else {
Cookie[] cookies = request.getCookies();
if (cookies != null && cookies.length > 0) {
for (Cookie c : cookies) {
if (c.getName().equals("username") || c.getName().equals("password")) {
c.setMaxAge(0);//设置Cookies失效
response.addCookie(c);//重新保存。
}
}
}
}
%>
<a href="users.jsp" target="_blank">查看用户信息</a>
</body>
</html>
users.jsp文件
<%@ page language="java" import="java.util.*,java.net.*"
contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<h1>用户信息</h1>
<hr>
<%
request.setCharacterEncoding("utf-8");
String username = "";
String password = "";
Cookie[] cookies = request.getCookies();
if (cookies != null && cookies.length > 0) {
for (Cookie c : cookies) {
if (c.getName().equals("username")) {
username = URLDecoder.decode(c.getValue(), "utf-8");
}
if (c.getName().equals("password")) {
password = URLDecoder.decode(c.getValue(), "utf-8");
}
}
}
%>
<br>
<br>
<br>
<br> 用户名:<%=username%>
<br> 密码:<%=password%>
<br>
</body>
</html>