WEB開發會話技術02 6.Cookie的生命周期 預設情況下,Cookie只在瀏覽器的記憶體中存活,也就是說,當你關閉瀏覽器後,Cookie就會消失。但是也可以通過方法設置cookie的生存時間。 cookie的生命周期指的是如何管理cookie,什麼時候cookie被銷毀。 setMaxAge(i ...
WEB開發會話技術02
6.Cookie的生命周期
預設情況下,Cookie只在瀏覽器的記憶體中存活,也就是說,當你關閉瀏覽器後,Cookie就會消失。但是也可以通過方法設置cookie的生存時間。
cookie的生命周期指的是如何管理cookie,什麼時候cookie被銷毀。
- setMaxAge(int expiry):設置 cookie 的最大生存時間,以秒為單位
- 整數:表示在指定的秒數後過期
- 負數:表示瀏覽器關閉,cookie就會被刪除(預設值是-1)
- 0,表示馬上刪除cookie
6.1cookie生命周期expiry>0
CookieLive:
package com.li.cookie;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
import java.io.PrintWriter;
@WebServlet(urlPatterns = {"/CookieLive"})
public class CookieLive extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
System.out.println("CookieLive doPost被調用...");
//創建一個cookie,生命周期為 60s
Cookie cookie = new Cookie("job", "java");
//1.從創建改cookie開始計時,60秒後就無效
//2.由瀏覽器來根據創建的時間來開始計時,到時間後就認為該cookie無效
//3.如果該cookie無效了,那麼瀏覽器在發出HTTP請求時,就不會帶上該cookie
cookie.setMaxAge(60);
//將cookie保存到瀏覽器
response.addCookie(cookie);
//給瀏覽器返回信息
response.setContentType("text/html;charset=utf-8");
PrintWriter writer = response.getWriter();
writer.print("<h1>設置cookie生命周期成功</h1>");
writer.flush();
writer.close();
}
}
-
在瀏覽器中訪問該servlet:
、 -
可以看到該cookie的創建於: "Sun, 20 Nov 2022 14:15:39 GMT"
真實時間為上述時間再加八小時
-
超過60s後,再去訪問Tomcat伺服器:
可以看到在瀏覽器發送的HTTP請求中的Cookie欄位已經沒有了設置的cookie:
說明:由瀏覽器來根據創建的時間來開始計時,到時間後就認為該cookie無效。如果該cookie無效了,那麼瀏覽器在發出HTTP請求時,就不會帶上該cookie。
但是此時cookie沒有被刪除,在關閉瀏覽器的時候才會被刪除。
6.2演示刪除cookie(expiry=0)
刪除下圖名為username的cookie
package com.li.cookie;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
import java.io.PrintWriter;
@WebServlet(urlPatterns = {"/cookieLive"})
public class CookieLive extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
//演示刪除一個cookie
//1.先得到usernameCookie
Cookie[] cookies = request.getCookies();
Cookie usernameCookie =
CookieUtils.readCookieByName("username", cookies);
if (usernameCookie != null) {
//2.將其生命周期設置為0
usernameCookie.setMaxAge(0);
//3.重新保存該cookie,因為你將其生命周期設置為0,就等價於讓瀏覽器刪除該cookie
response.addCookie(usernameCookie);//在響應體的Set-Cookie
} else {
System.out.println("沒有找到該cookie");
}
//給瀏覽器返回信息
response.setContentType("text/html;charset=utf-8");
PrintWriter writer = response.getWriter();
writer.print("<h1>設置cookie生命周期成功</h1>");
writer.flush();
writer.close();
}
}
redeployTomcat,瀏覽器訪問該servlet,點擊查看HTTP響應包:可以看到響應包中設置了該cookie的過期時間為1970年,這意味著瀏覽器將立即刪除該cookie。
-
Set-Cookie: username=jack; Expires=Thu, 01-Jan-1970 00:00:10 GMT
-
點擊查看cookie存儲,可以發現該cookie已經被刪除了
說明:setMaxAge()方法設置參數為零時,當瀏覽器接收到伺服器的響應包時,會立即刪除該cookie。
6.3預設生命周期(expiry<0)
如果沒有設置setMaxAge,或者setMaxAge的設置參數為負數,那麼預設創建的cookie是會話級別的(即關閉瀏覽器就銷毀了)
如下,MaxAge的預設設置值為-1
7.Cookie的有效路徑
cookie有效路徑Path的設置:
-
Cookie的path屬性,可以有效地過濾哪些Cookie可以發送給伺服器,哪些不發。path屬性是通過請求的URL地址來進行有效地過濾
-
規則如下:
cookie1.setPath=/工程路徑 cookie2.setPath=/工程路徑/aaa- 若請求地址為:
http://ip:port/工程路徑/資源
cookie1會發送給伺服器
cookie2不會發送給伺服器 - 若請求地址為:
http://ip:port/工程路徑/aaa/資源
cookie1會發送給伺服器
cookie2會發送給伺服器
即如果請求的url的地址包含了cookie設置的有效路徑,則這個cookie就會被髮送給伺服器。
說明:如果沒有設置cookie的有效路徑,預設就是 /工程路徑
- 若請求地址為:
演示Cookie的有效路徑的使用
package com.li.cookie;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
import java.io.PrintWriter;
@WebServlet(urlPatterns = {"/cookiePath"})
public class CookiePath extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
System.out.println("cookiePath doPost被調用");
//1.創建兩個cookie
Cookie cookie = new Cookie("address", "beijing");
Cookie cookie2 = new Cookie("salary", "20000");
//2.設置不同的有效路徑
//request.getContextPath()=/application context
cookie.setPath(request.getContextPath());//有效路徑=/cs
cookie2.setPath(request.getContextPath() + "/aaa");//有效路徑=/cs/aaa
//3.保存到瀏覽器
response.addCookie(cookie);
response.addCookie(cookie2);
//4.給瀏覽器回送提示信息
response.setContentType("text/html;charset=utf-8");
PrintWriter writer = response.getWriter();
writer.print("<h1>設置cookie有效路徑成功</h1>");
writer.flush();
writer.close();
}
}
如下,訪問http://localhost:8080/cs/cookiePath,創建了address和salary兩個cookie並設置了不同的有效路徑
現在來訪問http://localhost:8080/cs/xxx,抓包如下:
在來訪問http://localhost:8080/cs/aaa/xxx:
8.練習
完成自動填寫登錄賬戶案例,如果用戶登錄成功,則下次登錄自動填寫登錄賬戶。
- 如果用戶名是olien,密碼是1234。則認為該用戶合法,登錄成功,否則失敗。
- 要求實現:如果登錄成功,則該用戶在三天內登錄可以自動填寫其登錄名。
CookieUtils:
package com.li.cookie;
import javax.servlet.http.Cookie;
public class CookieUtils {
//編寫一個方法,返回指定名字的cookie值
public static Cookie readCookieByName(String name, Cookie[] cookies) {
//判斷傳入的參數是否正確
if (name == null || "".equals(name) || cookies == null || cookies.length == 0) {
return null;
}
//否則,就遍歷cookies
for (Cookie cookie : cookies) {
if (name.equals(cookie.getName())) {
return cookie;
}
}
return null;
}
}
loginServlet:
package com.li.cookie;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
import java.io.PrintWriter;
@WebServlet(urlPatterns = {"/login"})
public class Login extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
System.out.println("login doPost被調用...");
//編寫servlet(以實現自動填寫登錄名和密碼)
String usernameVal = "";
String pwdVal = "";
//訪問servlet時,首先獲取瀏覽器的cookie數組
Cookie[] cookies = request.getCookies();
//判斷得到的cookie數組是否存在
if (cookies != null && cookies.length != 0) {//如果存在,且長度不為0
//獲取cookie的值
Cookie usernameCookie = CookieUtils.readCookieByName("username", cookies);
Cookie pwdCookie = CookieUtils.readCookieByName("pwd", cookies);
if (usernameCookie != null && pwdCookie != null) {//如果存在指定的cookie
//獲取指定的cookie的值
usernameVal = usernameCookie.getValue();
pwdVal = pwdCookie.getValue();
}
}
//繪製html頁面
response.setContentType("text/html;charset=utf-8");
PrintWriter writer = response.getWriter();
if (usernameVal != null && pwdVal != null) {
writer.print("<!DOCTYPE html>\n" +
"<html lang=\"en\">\n" +
"<head>\n" +
" <meta charset=\"UTF-8\">\n" +
" <title>登錄頁面</title>\n" +
"</head>\n" +
"<body>\n" +
"<form action=\"/cs/loginSuccess\" method=\"post\">\n" +
" 用戶名:<input type=\"text\" name=\"username\" value=\"" + usernameVal + "\"/><br/>\n" +
" 密碼:<input type=\"password\" name=\"pwd\" value=\"" + pwdVal + "\"/><br/>\n" +
" <input type=\"submit\" value=\"登錄\"/>\n" +
"</form>\n" +
"</body>\n" +
"</html>");
}
writer.flush();
writer.close();
}
}
LoginSuccess:
package com.li.cookie;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
import java.io.PrintWriter;
/**
* 接收用戶輸入,判斷該用戶是否合法,並返回提示信息
*/
@WebServlet(urlPatterns = {"/loginSuccess"})
public class LoginSuccess extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
System.out.println("loginServlet doPost 被調用...");
//1.接收表單用戶名和密碼
String username = request.getParameter("username");
String pwd = request.getParameter("pwd");
//給瀏覽器返回提示信息
response.setContentType("text/html;charset=utf-8");
PrintWriter writer = response.getWriter();
//2.判斷數據是否合法
if ("olien".equals(username) && "1234".equals(pwd)) {//合法
//將登陸成功的用戶名和密碼以cookie形式保存到瀏覽器中
//根據用戶名和密碼創建cookie
Cookie usernameCookie = new Cookie("username", "olien");
Cookie pwdCookie = new Cookie("pwd", "1234");
//設置cookie生命周期
usernameCookie.setMaxAge(60 * 60 * 24 * 3);//3天
pwdCookie.setMaxAge(60 * 60 * 24 * 3);//3天
//給瀏覽器返回cookie
response.addCookie(usernameCookie);
response.addCookie(pwdCookie);
//給瀏覽器返回提示信息
writer.print("<h1>登錄OK</h1>");
} else {//不合法
writer.print("<h1>登錄失敗,請重新登錄</h1>");
}
writer.flush();
writer.close();
}
}
redeployTomcat,在瀏覽器中訪問http://localhost:8080/cs/login。 輸入正確的用戶名密碼,成功跳轉。
此時,再次訪問該頁面,可以看到登錄頁面自動填寫登錄名:
9.Cookie註意事項和細節
- 一個cookie只能標識一種信息,它至少含有一個標識該信息的名稱(name)和設置值(value)
- 一個web站點可以給一個瀏覽器發送多個cookie,一個瀏覽器也可以存儲多個web站點提供的cookie
- cookie的總數量沒有限制,但是每個功能變數名稱的cookie數量和每個cookie的大小是有限制的(不同的瀏覽器限制不同),因此cookie不適合存放數據量大的信息
- 註意:刪除cookie時,path必須一致,否則不會刪除
- Java Servlet中cookie中文亂碼解決。如果cookie存放中文,預設會報錯,但可以通過URL編碼和解碼來解決(儘量不要使用cookie保存中文信息)
例子:解決cookie中文亂碼
package com.li.cookie;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.*;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URLEncoder;
@WebServlet(name = "EncoderCookie", urlPatterns = {"/encoderCookie"})
public class EncoderCookie extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
System.out.println("EncoderCookie doPost被調用...");
//1.創建一個帶有中文的cookie
//Cookie company = new Cookie("company", "小葵花公司");
//2.保存到瀏覽器
/**
* 1.如果直接存放帶有中文的cookie,Tomcat伺服器會報錯:
* Control character in cookie value or attribute.
* 2.解決方法:將中文編碼設置成URL編碼
* 3.使用工具類 URLEncode
* 4.編碼後再保存cookie即可
*/
String company = URLEncoder.encode("小葵花公司", "utf-8");
Cookie cookie = new Cookie("company", company);
response.addCookie(cookie);
//3.給瀏覽器返回提示信息
response.setContentType("text/html;charset=utf-8");
PrintWriter writer = response.getWriter();
writer.print("<h1>設置cookie中文信息成功</h1>");
writer.flush();
writer.close();
}
}
-
瀏覽器訪問地址:
http://localhost:8080/cs/encoderCookie:
-
進行抓包:如下,瀏覽器在保存中文cookie時,以url編碼進行保存
-
伺服器在獲取該中文cookie時,也要以url編碼形式進行解碼,否則得到的cookie的值是url編碼。
ReadCookie2:
package com.li.cookie; import javax.servlet.*; import javax.servlet.http.*; import javax.servlet.annotation.*; import java.io.IOException; import java.io.PrintWriter; import java.net.URLDecoder; @WebServlet(name = "ReadCookie2", value = "/readCookie2") public class ReadCookie2 extends HttpServlet { @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doPost(request, response); } @Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //讀取中文cookie Cookie[] cookies = request.getCookies(); Cookie companyCookie = CookieUtils.readCookieByName("company", cookies); String companyVal = companyCookie.getValue(); System.out.println("companyVal= " + companyVal);//url編碼 //解碼 companyVal = URLDecoder.decode(companyVal, "utf-8"); System.out.println("解碼後的companyVal= " + companyVal);//中文 //給瀏覽器返回提示信息 response.setContentType("text/html;charset=utf-8"); PrintWriter writer = response.getWriter(); writer.print("<h1>讀取中文cookie並解碼成功</h1>"); writer.flush(); writer.close(); } }瀏覽器訪問該資源,後臺輸出如下:
