ASP.NET Cookie Configuration
Write to cookie
1. Name and Value Attributes are set by the program, and the default value is empty reference.
2. The default value of the Domain property is the domain name section of the current URL, regardless of this cookie page in which directory is in. For example, a cookie is issued in the http://www.kent.com/application1/login.aspx page, the Domain property default is www.kent.com, which can set this property as a value required by the program.
3. The default value of the Path property is the root directory, ie "/", no matter which directory of this cookie page. The scope of the cookie can be further limited by the program to a certain path.
4. Expires properties, this property sets this cookie's expiration date and time. If you do not set the validity period of the cookie (default setting), you can also create cookies, but it does not save to the user's hard drive, but it will become part of the user session information, close the browser or session timeout This cookie will disappear, this Cookie is called non-permanent cookies. Saving the sessionid cookie is such a cookie, which is not placed on the hard disk, only in memory.
5. You can send this cookie to the client in the cookie property you want to send to Response: reponse.cookies.add (cookie)
6. Domain property all cookies of the same Path property There is a file in the client, and the cookie is divided in "*". The first line of each cookie is the name of the cookie, the second line is a value, the third line is a string of the Domain property Path property, indicating this cookie's scope, and the other rows contains the daily processing information of cookies, for example Expired date and time. There is also a simple check in cookie. If you change the length of the cookie name or value, the browser will modify and remove the cookie.
Second reading cookie
1. The Request.Cookies property contains a collection of all cookies sent to the server to the server, and only cookies within the scope of the request URL will be sent to the server along with the HTTP request.
2. The value of the Name and the Value property and the subkey is easy to read.
3. Domain and path properties are not read, read the Domain property is always "", read the Path property is always "/". The use of these attributes is very limited. If your page is not in the same domain with cookies, you will not receive the cookie at the location of the page.
4. The expiration date and time of the cookie cannot be read. In fact, when the browser sends a cookie information to the server, the browser has not included the expiration information. You can read the Expires property, but always return to zero date / time values. The main role of the Expires property is to help the browser perform daily management about cookies. From the perspective of the server, the cookie either does not exist, so the validity period is not useful for the server. So, the browser does not provide this information when sending cookies. If you need a cookie's expiration date, you must be reset.
Three modifications and delete cookies
1. Actually, you can't directly modify a cookie, create a cookie of the same name, and send the cookie to the browser to overwrite the old cookies on the client.
2. You can't delete a cookie directly, you can change your browser to delete cookies by modifying a cookie to delete cookies, modify the validity of the cookie for the past, when the browser checks the validity of the cookie, Delete this expired cookie. The relationship between four cookies with session
1. SESSION in ASP.NET can use both cookie and cookieless, and the cookieless method is passed back and forth in the client and the server in the URL, and does not need to use cookies. This method is not discussed here.
2. Customers in ASP.NET request a URL for the first time, the server generates a sessionID to this customer and sent to the client in a non-permanent cookie.
3. Non-permanent cookies Only these cookies disappear after the browser is closed, and the timeout judgment of the session is the process:
3.1 First Client Access Server will get a sessionID to send to the client in a non-permanent cookie.
3.2 Accessing this URL before this browser is closed, the browser sends this sessionID to the server, the server maintains the various states of the server that corresponds to this customer according to SessionID (that is, the various values saved in the session), in the Web These session can be operated in the application.
3.3 Services Maintaining the expiration time of this sessionID, and the timeout time of the session can be set in IIS. Each request will cause the server to extend the timeout time of this sessioid's expiration time.
3.4 When the server discovers that a sessionID is outdated, a customer has not accessed this site again in the timeout time, which is about to delete this SessionID, and delete all session variables associated with this sessionID.
3.5 Before the client browser is not closed, do not know that the server has already deleted this sessionID, the client still sends this sessionID cookie to the server, just at this time, the server is not aware of this sessionID, will make this user as New users, allocate a new sessionID again.
reference:
Basic knowledge in cookies in ASP.NET (http://www.microsoft.com/china/msdn/library/dv_vstechart/html/vbtchaspnetCookies101.asp)
