## Cookie, Session 与HTTP请求 杨亮  ## Web基本流程 请求页面 对应文件 获取数据 PC Mobile HTTP 请求 html css javascript 服务器 (Apache) jpg) http://www.  Cookie  无状态 头部 内容 (html) (html) Session  ## Cookie 保存在浏览器端的用户数据，用以进行会话控制 ![Image](/uploads/documents/3/6/c/e/36ce07e9f002f9754c19fef0732209aa/p6_1

I’m setting a response body, but it isn’t getting returned. What’s going on? • I’m setting a cookie, but it isn’t being returned in subsequent requests. How can I serve a downloadable file with falcon Let us know so we can help. ## I ’m setting a cookie, but it isn’t being returned in subsequent requests By default, Falcon enables the secure cookie attribute. Therefore, if you are testing your app app over HTTP (instead of HTTPS), the client will not send the cookie in subsequent requests. (See also the cookie documentation.) ## How can I serve a downloadable file with falcon? In the on_get()

重写维持会话跟踪的方法；理解 Cookie 和 Session 的协同机制，掌握使用 Cookie 和 Session 实现会话跟踪的技术。 3. 能够使用 Cookie 和 Session 编写会话跟踪代码。 ## 大纲 会话基本概念 会话跟踪技术 URL 重写 Cookie Java EE 会话对象 本节习题 ## 接下来… 会话基本概念 会话跟踪技术 URL 重写 Cookie Java 服务器保持客户状态信息。 3. Cookie 使用 Java EE API 提供的 Cookie 对象，可以将客户信息保存在 Cookie 中，完成会话跟踪功能。 4. HttpSession 对象 Java EE API 专门提供了 HttpSession 会话对象保存客户的信息来实现会话跟踪。 一般 3 和 4 组合使用。 ## 接下来… 会话基本概念 会话跟踪技术 URL 重写 Cookie Java Java EE 会话对象 本节习题 ## 接下来… 会话基本概念 会话跟踪技术 URL 重写 Cookie Java EE 会话对象 本节习题 ## URL 重写的实现 ## ① 浏览器端构造 URL 请求 在进行 HTTP 请求时，可以在 URL 地址后直接附加请求参数，把客户端的数据传输到 Web 服务器端。 Web 服务器通过 HttpServletRequest 请求对象取得这些

毫秒内要做些什么 - 竞价请求解析（JSON 或 Google Protobuf） 根据广告位属性过滤活动 根据客户端信息过滤活动（浏览器、操作系统类型等） • 根据地区过滤活动 • 查询Cookie Mapping得到访客在DSP系统的唯一ID 根据用户看过广告的频次过滤活动 根据访客的人群属性过滤活动 根据活动的出价选择胜出的活动 - 其他更细致的过滤条件 ## 为什么选择Golang Save和重启时Load数据的时间 - 一致性要求不是非常高的业务，可以把自动的BgSave关闭，在凌晨或者空闲时候手动调用BgSave ## CookieMapping • 广告投放时是用Cookie来定向用户的 - CM保存了DSP与ADX（如百度、淘宝）间CookieId的映射关系 - 在RTB竞价的时候，DSP可以根据ADX-CookieId从映射表中获取到DSP-CookieId 独立部署 • 方便更新与重启 ./bin --- adx_mod --- analysis --- bid --- charge --- convrate_import --- cookie_map --- dispatch --- ip_import --- kpicharge --- pdmp --- whisky ## 部署：进程管理 • Go不支持以后台进程的方式启动

class BaseHandler(tornado.web.RequestHandler): def get_current_user(self): user_id = self.get_signed_cookie("user") if not user_id: return None return self.backend.get_user_by_id(user_id) def get_user_locale(self): with the set_cookie method: class MainHandler(tornado.web.RequestHandler): def get(self): if not self.get_cookie("mycookie"): self.set_cookie("mycookie", "myvalue") self.write("Your cookie was not set yet yet!") else: self.write("Your cookie was set!") Cookies are not secure and can easily be modified by clients. If you need to set cookies to, e.g., identify the cur- rently logged in user, you need to sign

BaseHandler(tornado.web.RequestHandler): def get_current_user(self): user_id = self.get_signed_cookie("user") if not user_id: return None return self.backend.get_user_by_id(user_id) browser with the set_cookie method: class MainHandler(tornado.web.RequestHandler): def get(self): if not self.get_cookie("mycookie"): self.set_cookie("mycookie", "myvalue") self.write("Your cookie was not set yet!") else: self.write("Your cookie was set!") Cookies are not secure and can easily be modified

BaseHandler(tornado.web.RequestHandler): def get_current_user(self): user_id = self.get_signed_cookie("user") if not user_id: return None return self.backend.get_user_by_id(user_id) browser with the set_cookie method: class MainHandler(tornado.web.RequestHandler): def get(self): if not self.get_cookie("mycookie"): self.set_cookie("mycookie", "myvalue") self.write("Your cookie was not set yet!") else: self.write("Your cookie was set!") Cookies are not secure and can easily be modified

BaseHandler(tornado.web.RequestHandler): def get_current_user(self): user_id = self.get_signed_cookie("user") if not user_id: return None return self.backend.get_user_by_id(user_id) browser with the set_cookie method: class MainHandler(tornado.web.RequestHandler): def get(self): if not self.get_cookie("mycookie"): self.set_cookie("mycookie", "myvalue") self.write("Your cookie was not set yet!") else: self.write("Your cookie was set!") Cookies are not secure and can easily be modified

BaseHandler(tornado.web.RequestHandler): def get_current_user(self): user_id = self.get_signed_cookie("user") if not user_id: return None return self.backend.get_user_by_id(user_id) browser with the set_cookie method: class MainHandler(tornado.web.RequestHandler): def get(self): if not self.get_cookie("mycookie"): self.set_cookie("mycookie", "myvalue") self.write("Your cookie was not set yet!") else: self.write("Your cookie was set!") Cookies are not secure and can easily be modified

– I’m setting a response body, but it isn’t getting returned. What’s going on? – I’m setting a cookie, but it isn’t being returned in subsequent requests. – How can I serve a downloadable file with bug! Let us know so we can help. I’m setting a cookie, but it isn’t being returned in subsequent requests. By default, Falcon enables the secure cookie attribute. Therefore, if you are testing your app app over HTTP (instead of HTTPS), the client will not send the cookie in subsequent requests. (See also the cookie documentation.) ## How can I serve a downloadable file with Falcon? In the on_get()