First, the concept of a conversation

A conversation is like a phone call: one call can be understood as one conversation. Logging on to a site, browsing through its pages, and finally leaving the site is also a conversation. A web site presents different page information to different users, but HTTP is stateless: each request the client sends to the server is a separate request. So how can the server tell which user made a request?

If the server can't tell which user sent a request, it doesn't know which user's information to return, and a website with logged-in users would be a mess. So the server needs to know who is making each request, and it needs a user id to keep the session going.

Second, the concept of Session

A Session is stored on the server, in a Session structure that holds the user's data. When the browser sends its first request, the server automatically generates a Session and a Session ID that uniquely identifies it, and sends the Session ID to the browser in the response. When the browser sends its second request, it adds the Session ID from the previous response to the request. The server extracts the Session ID from the request and compares it with all the saved Session IDs to find the Session that belongs to this user.

Because sessions are stored on the server side, they can become a burden on the server over time or as the number of users grows. Consider server performance when using them.

Third, the concept of Cookie

A Cookie is actually a small piece of text information. When the client sends a request and the server needs to record the user's state, the server issues a Cookie to the client browser in the response. The client saves the Cookie.

Since cookies are stored on the client and are visible there, their security is low. Therefore, putting important information in cookies is not recommended.
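The exchange described in the Session and Cookie sections above, as an added example that is not part of the original article: the server keeps the user data and hands the browser only an opaque Session ID inside a cookie. The class name `SessionStore`, the cookie name `sid`, the 30-minute lifetime and the choice of a cookie as the carrier for the ID are assumptions made for illustration.

```python
import secrets
import time
from http.cookies import SimpleCookie

SESSION_TTL = 1800  # assumed lifetime in seconds; the article gives no figure


class SessionStore:
    """Hypothetical in-memory store: Session ID -> (expiry, user data)."""

    def __init__(self):
        self._sessions = {}

    def handle(self, cookie_header=None, now=None):
        """Process one request; return (session data, Set-Cookie value or None)."""
        now = time.time() if now is None else now
        self._purge(now)  # expired sessions stop costing server memory
        sid = None
        if cookie_header:
            morsel = SimpleCookie(cookie_header).get("sid")
            sid = morsel.value if morsel is not None else None
        if sid in self._sessions:
            # Known ID: same user as before, so no new cookie is issued.
            _, data = self._sessions[sid]
            self._sessions[sid] = (now + SESSION_TTL, data)
            return data, None
        # First request, or an unknown, expired or forged ID: fresh session.
        sid = secrets.token_urlsafe(32)  # random, so it cannot be guessed
        data = {}
        self._sessions[sid] = (now + SESSION_TTL, data)
        out = SimpleCookie()
        out["sid"] = sid
        out["sid"]["path"] = "/"
        out["sid"]["httponly"] = True   # page scripts cannot read the ID
        out["sid"]["secure"] = True     # sent over HTTPS only
        out["sid"]["samesite"] = "Lax"
        return data, out["sid"].OutputString()

    def _purge(self, now):
        expired = [s for s, (exp, _) in self._sessions.items() if exp <= now]
        for s in expired:
            del self._sessions[s]
```

A cookie value the server never issued maps to no stored session, so editing the cookie on the client yields only a new, empty session.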

Fourth, the difference between the two

1. Cookie data is stored on the client and session data is stored on the server.

2. Cookies are not very secure. Others can analyze cookies stored locally and forge them.

3. A session is kept on the server for a certain period of time. As the number of accesses increases, sessions take up more of your server's performance.

4. Different browsers have different limits on cookie data size and number.

5. Important information such as login information can be stored in the session, and non-important information can be stored in cookies.

Fifth, the connection between the two

1. Both are used to record user information, so that the server can distinguish between different users.

2. They can be used together, but each has its own limitations, so both security and performance need to be taken into account.