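I recently spent some time summarizing what I know about cookies.
HTTP is a stateless protocol. Cookies are extra data carried with HTTP requests to preserve user state and make interaction with the server easier.
Most browsers support cookies of up to 4096 bytes.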
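A cookie can be thought of as a local txt file. The storage location is much the same across systems, and the files can of course be found, so I won't go into detail.
1. Basic cookie usage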
    // Read a cookie. The parameter is the cookie name, as in WriteCookie and DelCookie.
    private void GetCookie(string username)
    {
        HttpCookie cookie = Request.Cookies[username]; // null if the browser did not send it
    }
    private void WriteCookie(string username)
    {
        HttpCookie cookie = new HttpCookie(username, "zhansan");
        DateTime dt = DateTime.Now;
        TimeSpan ts = new TimeSpan(0, 0, 2, 0);
        cookie.Expires = dt.Add(ts); // expires after 2 minutes
        Response.Cookies.Add(cookie);
    }
    private void DelCookie(string username)
    {
        HttpCookie cookie = new HttpCookie(username);
        cookie.Expires = DateTime.Now.AddDays(-1); // an expiry date in the past makes the browser delete it
        Response.Cookies.Add(cookie);
    }
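When a cookie is written, the HTTP response headers include a Set-Cookie header.
As the figure shows, creating a Session binds a cookie to it by default; if the browser disables cookies, the session is lost.
2. Forms authentication
The underlying mechanism is still cookies; because cookies are insecure, ticket validation is added on top.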
    <authentication mode="Forms">
      <forms name="CurrentUser" cookieless="UseCookies" timeout="1" path="/"></forms>
    </authentication>
    protected void Page_Load(object sender, EventArgs e)
    {
        //Literal1.Text = Request.IsAuthenticated ? "Logged in" : "Not logged in";
    }
    private void Login()
    {
        // Ticket: version 2, user "lisi", valid for 2 minutes, persistent, no user data
        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            2, "lisi", DateTime.Now, DateTime.Now.AddMinutes(2), true, string.Empty);
        string str = FormsAuthentication.Encrypt(ticket);
        HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, str);
        DateTime dt = DateTime.Now;
        TimeSpan ts = new TimeSpan(0, 0, 2, 0);
        cookie.Expires = dt.Add(ts); // a persistent cookie must be given an expiration time here
        Response.Cookies.Add(cookie);
    }
    private void LoginOut()
    {
        FormsAuthentication.SignOut();
    }
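Setting the FormsAuthenticationTicket parameter isPersistent to false gives a session cookie, which is deleted when the browser is closed.
Set it to true for persistence.
Once more than half of the expiration time has elapsed, a check is made, and if there is still activity the expiration time is extended (this is the sliding expiration behaviour of Forms authentication). Persistence keeps the cookie's expiration time from being so rigid.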
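The ticket handling described in this section, spelled out by hand as an added example that is not part of the original post: it issues the ticket cookie with HttpOnly set, validates it on a later request, and re-issues it once more than half of its lifetime has elapsed. The names TicketCookie, Issue, Validate and ToCookie are hypothetical; the code assumes an ASP.NET (System.Web) application.

```csharp
using System;
using System.Security.Cryptography;
using System.Web;
using System.Web.Security;

// Added example; TicketCookie, Issue, Validate and ToCookie are hypothetical names.
public static class TicketCookie
{
    // Build the ticket and send it; ToCookie decides whether it is a session or persistent cookie.
    public static void Issue(HttpResponse response, string user, bool persistent, TimeSpan lifetime)
    {
        DateTime now = DateTime.Now;
        var ticket = new FormsAuthenticationTicket(
            2, user, now, now.Add(lifetime), persistent, string.Empty);
        response.Cookies.Add(ToCookie(ticket));
    }

    // Returns the user name, or null when the cookie is missing, tampered with or expired.
    public static string Validate(HttpRequest request, HttpResponse response)
    {
        HttpCookie cookie = request.Cookies[FormsAuthentication.FormsCookieName];
        if (cookie == null || string.IsNullOrEmpty(cookie.Value)) return null;

        FormsAuthenticationTicket ticket;
        try { ticket = FormsAuthentication.Decrypt(cookie.Value); }
        catch (ArgumentException) { return null; }       // malformed value
        catch (CryptographicException) { return null; }  // failed decryption or integrity check
        if (ticket == null || ticket.Expired) return null;

        // A new ticket comes back only once more than half of the lifetime has elapsed.
        FormsAuthenticationTicket renewed = FormsAuthentication.RenewTicketIfOld(ticket);
        if (!ReferenceEquals(renewed, ticket)) response.Cookies.Add(ToCookie(renewed));
        return renewed.Name;
    }

    private static HttpCookie ToCookie(FormsAuthenticationTicket ticket)
    {
        var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket))
        {
            HttpOnly = true,                          // not readable from page script
            Secure = FormsAuthentication.RequireSSL,  // true when requireSSL="true" is set on <forms>
            Path = FormsAuthentication.FormsCookiePath
        };
        // Only a persistent ticket gets an Expires date; without one the browser drops the cookie on close.
        if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;
        return cookie;
    }
}
```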
3. Simulating a login with cookies
    // Requires: using System.Collections.Generic; using System.IO; using System.Net; using System.Text;
    // HttpResponseHelper is the author's helper class; its source is not listed on this page.
    protected void Page_Load(object sender, EventArgs e)
    {
        // Configure the HTTP request parameters
        string loginUrl = "http://www.jiayuan.com/login/dologin.php?new_header=1&channel=index";
        string userName = "帐号"; // placeholder: account name
        string password = "密码"; // placeholder: password
        IDictionary<string, string> parameters = new Dictionary<string, string>();
        parameters.Add("channel", "200");
        parameters.Add("name", userName);
        parameters.Add("password", password);
        parameters.Add("position", "201");
        string defaultLanguage = "zh-CN";
        string accept = "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/x-silverlight, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-ms-application, application/x-ms-xbap, application/vnd.ms-xpsdocument, application/xaml+xml, application/x-silverlight-2-b1, */*";
        string userAgent = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)";
        string Referer = "http://www.jiayuan.com/";
        string Method = "POST";
        string ContentType = "application/x-www-form-urlencoded";
        // Log in and collect the cookies from the response
        HttpWebResponse response = HttpResponseHelper.HttpResponsePost(loginUrl, parameters, defaultLanguage, accept, userAgent, Referer, Method, ContentType, null);
        CookieCollection Cookies = HttpResponseHelper.GetCookies(response);
        response.Close();
        // Fetch the post-login page, sending the cookies obtained above
        loginUrl = "http://www.jiayuan.com/107850191";
        string strReturn = "";
        using (HttpWebResponse reqLogin = HttpResponseHelper.HttpResponsePost(loginUrl, parameters, defaultLanguage, accept, userAgent, Referer, Method, ContentType, Cookies))
        using (Stream streamReceive = reqLogin.GetResponseStream())
        using (StreamReader streamReader = new StreamReader(streamReceive, Encoding.UTF8))
        {
            strReturn = streamReader.ReadToEnd();
        }
    }
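The preceding example cannot retrieve the logged-in user's information.
This one does retrieve the post-login information.
Some of the content is not listed above; see the downloadable example for details.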