Cookies are often mentioned by everyone, so what is cookies, what does it work? Cookies is a technology that allows website servers to store small data to the client-side hard disk or memory, or a technology that reads data from the client's hard drive. Cookies is a very small text file placed on your hard drive when you browse a website, which can record your user ID, password, browsed web, and stay time and other information.
When you come to the site again, the website knows your relevant information, you can make a corresponding action, such as the page is welcome to welcome your slogan, or let you enter the ID, your password is directly logged in. and many more. In essence, it can be seen as your ID card. However, cookies cannot be executed as a code, nor does it transmit viruses, and for you, and can only be read by providing its servers. The saved information is stored in the form of "Name-Value PAIRS), and a" name / value "is just a named data. A website can only get information in your computer, it can't get information from other cookies files, and you can't get anything else on your computer. Most of the contents of cookies have been encrypted, so general users seem to be only some unimedic alphanumeric combinations, only the server's CGI handler knows their true meaning.
Since cookies is data we browse to text files or memory in the user's computer hard disk, it is closely related to the location stored in the hard disk. In a Windows 9x system computer, the storage location of the cookies file is C: / Windows / Cookies, in the Windows NT / 2000 / XP computer, the storage location of the cookies file is C: / Documents and settings / username / cookies.
The cookies file in the hard disk can be read by the web browser, its command format is: Username @ Website Address [Number] .txt. Such as a cookies file in the computer computer is: CH @ 163 [1] .txt. Note that: Cookies in the hard disk belong to a text file, not a program.
Set of cookies
You can select Set / View File in the General tab of IE's Tools / Internet Options, and see all the cookies saved to your computer. These files are typically named in user @ domain format. User is your local username, Domain is the domain name of the website accessed. If you use the Netscape browser, you are stored in "C: / Programfiles / Nets- Cape / Users /". Unlike IE, Netscape is a cookies that records all sites using a cookie file.
We can make appropriate settings for cookies: Open the Privacy tab in Tool / Internet Options (Note that this setting exists in IE6.0, other version IE can click "Tool / Internet Options" "Security" tab The "Custom Level" button is simply adjusted to adjust the security level of the cookie. Normally, it can be adjusted to "medium high" or "high" position. Most forum sites need to use cookie information, if you never go to these places, you can transfer the security level to "Blocking all cookies"; if you just use the cookie of individual websites, you can click the "Edit" button to block the website. Add to the list. In the "Advanced" button option, you can set up the first cookie and third-party cookies. The first cookie is the cookie of the website you are browsing. Third-party cookie is a cookie that is not browsing. It is usually necessary to select "Reject" for a third party cookie. If you need to save your cookie, you can use the "Import Export" feature of the IE to open File / Import Export, and press the prompt operation. Cookies writing and reading
The cookies collection is a data set attached to the Response object and the Request object, and you need to add response or request in front.
The syntax used to send cookies to the client is usually:
When setting the cookies collection settings, it will be created in the client, and if the cookies exists, it will be replaced. Since cookies is sent to the client as part of the header information transmitted by the HTTP, the code sent to the client to the cookies generally placed before the HTML file sent to the browser.
If the user wants to read the cookies, you must use the request object's cookies collection. It is to be noted that the browser can use the data exchange with Server before the server is not downloaded to the browser. Once the browser starts receiving the data downloaded by Server, cookies' data exchange stops, in order to avoid errors, to add response.buffer = true in programs and front.
Cookies application
Almost all website designers use cookies when designing website design, because they want to provide users who browse websites to provide a more friendly, human culture browsing environment, and can also collect accessors more accurately.
Website views management
Due to the use of proxy servers, caching, etc., the only way to help the site is accurately statistical to the number of visits is to establish a unique ID for each visitors. Using cookies, the website can do the following: How many people have accessed; how much is the new user (ie the first visit) in the visitor, how much is the user to access a website.
Typically, the website designer is to achieve the above purposes with the background database. When the user first accesses the site, the website creates a new id in the database and transmits the ID to the user via cookie. When the user comes again, the website adds the counter corresponding to the user ID 1. Get the number of users' visits or determine whether the user is a new user or an old user.
Customize the appearance of the web page according to the user's preferences
Some website designers provide users with power to change web content, layout, and color, allowing users to enter their own information, and then modify some of the parameters of the website via this information to customize the appearance of the web page.
Implement features such as "shopping basket" in the e-commerce site
You can use the cookie to record the user's ID, so when you put a new thing in "Shopping Basket", the website can record, and correspond to your ID record in the website of the website. When you "buy", the website passes Id retrieves all your choices in the database you can know what your "shopping basket" is. In the general case, the website's database can save, you have selected, you are browsed, the information you have filled in in the form; and the cookie containing your unique ID is saved in your computer. .
Cookies' defect
Although Cookie is widely used and can do some functions that use other technologies. But there are also some aspects of not perfect, and it will bring inconvenience to the application.
Many people share a computer problem
Any public computer or many computers used in the office or home will be used more than two people. This way, when you use it online supermarket, online supermarkets or websites will leave a cookie on this machine, and may have someone trying to use your account to shop, bringing unsafe possibilities. Of course, this does not become a problem in some computers that use multi-user operating systems such as Windows NT or UNIX. Because the cookies of different accounts under multi-user operating systems are placed in different places.
Cookies is deleted
If your browser doesn't work properly, you may delete all the temporary Internet files on your computer. However, once you operate, you will drop all the cookies files. When you visit a website again, the site will think you are a new user and assign you a new user ID and a new cookie. The result will result in a bias of new and old users in the website, and you are also difficult to recover parameter selection in the past.
When one person uses multiple computers
Some people often use one more computer in one day. For example, there is a computer in the office, there is a notebook, and a laptop for mobile office. Unless the website uses special techniques to solve this problem, you will have three different cookies files on these three machines, and any sites accessed on three machines will see you three Different users.
Prevent cookies leakage
Want to know if the website you visited is written in your hard disk or memory? Simply do the following steps, you can understand and control the cookies information of the website you are accessing.
Step One click on "Tool" "In-ERNET Options" in the IE window to open the Internet Options setting window;
Step 2 Click the "Security" tab in the Internet Options settings, then click the "Custom Level" button to enter the Security Settings window;
Step 3 Find the "Cookies" setting item in the Security Settings window. There are two sort options under the "cookies" settings, where "Allows Okies that are stored on your computer" is a cookies file that is stored in the user's computer hard disk; "Allows the use of each conversation cookies" is targeted Cookies information stored in the user's computer memory. The cookies file stored in the hard disk is permanently existing, while the cookies information stored in the memory is temporary. To make a prompt when IE is about to receive all cookies from a Web site, select the "Tips" item in the above two sorting options. Of course, you can also choose "Enable", allow IE to accept all cookies information (this is also the default option for IE); select "Disable", is not allowed to store cookies to your computer, and Web site also You can't read the Cookies in your computer.
IE6.0 provides a more reliable personal privacy and security measures that allow users to control how much the browser sends outwards. In the Internet Options window, the Privacy tab is added (Figure 1), and users can directly set the privacy level when browsing, and control the cookies that other sites to use them on their own computers. If we are browsing, you will use the cookie, then there is a yellow exclamation mark in the browser status bar. After double-click, you can open the Privacy Report dialog box, users can view specific privacy policies, but also click directly. The "Settings" button adjusts the security privacy level in the "Privacy" tab.
In the "General" tab, the "Delete Cookies" button (Figure 2) is added to make it easy for users to directly clear the cookies on this unit. In addition, in the Tools "Options" Advanced "tab, some options to further improve security (if you empty the Internet temporary file when you turn off the browser). In fact, how to better protect personal privacy and security is a key technology in Microsoft's next generation ".NET" strategic software, IE6.0 has already tried to take the first step.
In addition, since the information of cookies is not all stored in a computer, there are some information saved in memory. For example, when you browse the website, the web server will automatically generate cookies in memory. When you close the IE browser, you will automatically remove the cookie, so that the two methods described above don't work, we need to edit with the registry. The device to modify the system settings. It should be noted that please backup before modifying the registry so that you can recover after a problem.
Running regedit, find the following key value: HKEY_LOCAL_MACHINE / SOFTWARE / Microsoft / Windows / CurrentVersion / Internet Settings / Cache / Special Paths / Cookies, which is the key value in the memory, deletes this key value. This cookies don't have to be afraid to be afraid.
Finally, it is necessary to explain that although cookies can enhance your computer's information security, there will be some drawbacks. For example, on some webpages that need cookies support, some inexplicable errors will happen, typical examples are free mailboxes that you can't use some websites.
Cookies spoof
By analyzing the format of the cookie, we know that in the last two are its URL path and domain name, the server's identification of the Cookie is these two parameters. Under normal circumstances, the URL that we want to view when we want to browse a website is its domain name, and you need to connect it to the IP address after domain name management system DNS. If some settings can be made on the DNS, the IP address of the target domain name corresponds to other sites, and we can illegally access the cookies of the target site.
To do cookies spoof, it is actually very simple. For example, in the installation directory under Win9X, there is a file for hosts.sam, which will see this format after the text is opened:
127.0.0.1 Localhost
After setting, you can realize localization of domain name resolution, just add the IP and domain names to the format above the file and save it as HOSTS. The HOSTS file can actually see a native DNS system, which can be responsible for explaining the domain name as an IP address, and its priority is higher than the DNS server, its specific implementation is part of the TCP / IP protocol.
For example, we have to read the target site
Cookies information generated by www.abc.com, you can use it
Www.def.com (your own site).
Www.def.com stores the files required for spoof, read and modify the other party's cookie. Step a pingwww.def.com's IP address:
ping
Www.def.com
Reply from 192.168.0.1: Bytes = 32 Time = 20ms TTL = 244
Then modify the hosts.sam files as follows:
192.168.0.1
Www.abc.com
And save it as a hosts file.
Step Second Read Cookies Information:
Will be used to read the page biography of cookie
Www.def.com, at this time
Www.abc.com, due to the modification of the local DNS domain name resolution, then the network connection does not
Www.abc.com, and
Www.def.com.
This
Www.abc.com can be read in the local cookie.
Step three similarities, you can modify the read data and write the modified information to cookies. After the modification is complete, delete the HOSTS file and re-enter
Www.abc.com, the cookies data used at this time is the data you make.
In summary, although a cookies can be realized, it can bring unsafe factors to network applications, but the cookies file itself does not cause the user's privacy to leak, and it will not give hachers to provide Trojan's carrier, as long as reasonable Using, they will give websites for website administrators to provide convenience.
The cookies collection has the following properties:
1.Expires Property: This property is used to set a deadline for cookies. You can call the saved cookies within the time limit. If you have passed this deadline, Cookies is automatically deleted. Such as:
Set the validity of cookies to April 1, 2004, will be automatically deleted. If a cookies do not set a validity period, its lifecycle starts from opening the browser, and the end of the browser is closed, each running lifecycle will end, and the next run will start.
2. Domain Attribute: This property defines the uniqueness of cookies transfer data. Use only a cookies to send to _blank "> Sohu homepage, you can use the following code:
3.Path Attribute: Defines cookies to send only path requests to the specified path, if the Path property is not set, use the default path of the application.
4.Srcure Properties: Specifies whether cookies can be read by the user.
5. Haskeys Properties: If the requested cookies is a Cookies dictionary with multiple key values, returns TRUE, which is a read-only properties.
