Managing States

HTTP is a stateless protocol that does not remember past requests and responses. There are four traditional techniques to manage and introduce state into HTTP: 1) Login pages use URL rewriting or hidden fields to pass credentials. URL rewriting only works for GET requests while hidden fields are used for POST. 2) Cookies store name-value pairs on the client computer and are used to remember information like session IDs. However, cookies present security risks like session hijacking if logged into sensitive sites on public networks. 3) HTTP session objects store name-value pairs on the server instead of the client computer, avoiding security issues of cookies. The session data is tied to the client using a session ID.

Uploaded by

Richmond Chua

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

37 views

Managing States

Uploaded by

Richmond Chua

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 1

Managing States

HTTP

- Way of clients and server speaks

- Messenger of web in short
- Stateless – no memory like finding dory, it doesn’t remember the clients
request and response

Because HTTP is stateless there are 4 traditional techniques to manage states

and let HTTP become stateful.

- Login Pages
o URL Rewriting – use when you want to link urls or links
 Only applicable on GET method, not applicable for POST due
to:
 Lengthy data
 Security issues
 Placed in <a href=”place URL here of GET”>Some Text</a>
 Data acquired through getParameter() with ServletRequest
 URL have limited symbols that you can use because other
symbols are used on HTML code
o Hidden Fields – used when you want to pass passwords
 Use on post method because password is hidden
 Data acquired through getParameter() with ServletRequest
o Cookies
 Server -> Client (Request, Response)
 request.getCookie() to remember the cookie that the
client requested
 The name and value pairs are saved in the clients computer
 J Session ID – Lets say you login to chinabank every time
you input a username and password the server throws a
response which is “cookie” the cookie tries to remember your
username and password that creates a name and values pair
which is the J session ID
 Now if you connect to a public wifi and access your
bank account there is a high possibility of “Session
Hijacking” – a “sniffer” is used to pretend a web
action on the URL’s J session ID
 In short summary do not log in to banking sites on a
closed or public network
 Session id (name) – stored in your computer’s harddrive or
clients computer
o HTTPSession Objects
 The name and value pairs are saved in the server
 Session data (value) stored on the server
 You don’t instantiate HTTPSession object because it a
interface instead you run it through the request method.

JSP-Servlet Interview Questions You'll Most Likely Be Asked
From Everand
JSP-Servlet Interview Questions You'll Most Likely Be Asked
Vibrant Publishers
No ratings yet
SCWCD Exercises
No ratings yet
SCWCD Exercises
28 pages
HTTP State Management 1710327365
No ratings yet
HTTP State Management 1710327365
11 pages
Following Four Methods Are Devised To Deal With The Problem of State Management - (1) Cookies
No ratings yet
Following Four Methods Are Devised To Deal With The Problem of State Management - (1) Cookies
4 pages
Session Management More
No ratings yet
Session Management More
16 pages
Servlet Notes2
No ratings yet
Servlet Notes2
11 pages
GM 05
No ratings yet
GM 05
14 pages
Lesson 3 - Servlet II
No ratings yet
Lesson 3 - Servlet II
46 pages
Session Hijacking Report
No ratings yet
Session Hijacking Report
17 pages
W Eb P Rogramming and & U Ser I Nterface D Esign Week 3
No ratings yet
W Eb P Rogramming and & U Ser I Nterface D Esign Week 3
17 pages
W Eb P Rogramming and & U Ser I Nterface D Esign Week 3
No ratings yet
W Eb P Rogramming and & U Ser I Nterface D Esign Week 3
17 pages
Unit-3 session mgmt
No ratings yet
Unit-3 session mgmt
25 pages
Web Security
No ratings yet
Web Security
7 pages
Servletsessions
No ratings yet
Servletsessions
37 pages
Servlets: Query Parameters, Sessions
No ratings yet
Servlets: Query Parameters, Sessions
33 pages
THM Hacking Encyclopedia
100% (1)
THM Hacking Encyclopedia
91 pages
Chapter 3
No ratings yet
Chapter 3
41 pages
Session Tracking Techniques
No ratings yet
Session Tracking Techniques
3 pages
Week11 2023
No ratings yet
Week11 2023
48 pages
Sessions
No ratings yet
Sessions
108 pages
Session Tracking in Servlet
No ratings yet
Session Tracking in Servlet
17 pages
11 - Section Hijacking Concepts
No ratings yet
11 - Section Hijacking Concepts
81 pages
35 Servlet Sessions
No ratings yet
35 Servlet Sessions
13 pages
COOKIES IN PHP
No ratings yet
COOKIES IN PHP
6 pages
PHP
No ratings yet
PHP
26 pages
Websec 101: Session Management
No ratings yet
Websec 101: Session Management
23 pages
OAuth 2
No ratings yet
OAuth 2
2 pages
AdvanceServlet PDF
No ratings yet
AdvanceServlet PDF
36 pages
Session Related Interview Questions
No ratings yet
Session Related Interview Questions
2 pages
Web Cybersecurity
No ratings yet
Web Cybersecurity
85 pages
Session Management: 7.1. What Is Session and How It Works?
No ratings yet
Session Management: 7.1. What Is Session and How It Works?
5 pages
Session Tracking Techniques
No ratings yet
Session Tracking Techniques
19 pages
Chapter 6 WebBrowserClientSEcurity1apr2017
No ratings yet
Chapter 6 WebBrowserClientSEcurity1apr2017
18 pages
Web Application Attacks
No ratings yet
Web Application Attacks
53 pages
2.8. Session Management: Juan M. Gimeno, Josep M. Rib o January, 2008
No ratings yet
2.8. Session Management: Juan M. Gimeno, Josep M. Rib o January, 2008
48 pages
WTA Class Notes Unit V
No ratings yet
WTA Class Notes Unit V
32 pages
Session Management
No ratings yet
Session Management
31 pages
013 HTTP Statelessness Cookie
No ratings yet
013 HTTP Statelessness Cookie
16 pages
Kaveri College of Arts, Science and Commerce: Tybsc (CS) Java Servlet
No ratings yet
Kaveri College of Arts, Science and Commerce: Tybsc (CS) Java Servlet
34 pages
WD CH-5
No ratings yet
WD CH-5
11 pages
What Is Session Tracking?: High-Level and Easy-To-Use Interface To Cookies
No ratings yet
What Is Session Tracking?: High-Level and Easy-To-Use Interface To Cookies
5 pages
Session Hijacking
No ratings yet
Session Hijacking
4 pages
Advanced Servlet Techniques
No ratings yet
Advanced Servlet Techniques
44 pages
Session Tracking
No ratings yet
Session Tracking
2 pages
Chapter 5: Servlet Sessions
No ratings yet
Chapter 5: Servlet Sessions
13 pages
Lec06_2.9m
No ratings yet
Lec06_2.9m
58 pages
Chp06 - Session Tracking
No ratings yet
Chp06 - Session Tracking
27 pages
EHP 10 - Web Attacks
No ratings yet
EHP 10 - Web Attacks
54 pages
Session Management
No ratings yet
Session Management
23 pages
Java Unit 2 - 23410735 - 2023 - 11 - 22 - 12 - 41
No ratings yet
Java Unit 2 - 23410735 - 2023 - 11 - 22 - 12 - 41
25 pages
Cs378 Slide07 Session Tracking
No ratings yet
Cs378 Slide07 Session Tracking
46 pages
Ej Unit 2 Answers
No ratings yet
Ej Unit 2 Answers
6 pages
Web Challenge 1 Supporting Material
No ratings yet
Web Challenge 1 Supporting Material
5 pages
05 Session-Management
No ratings yet
05 Session-Management
132 pages
Module 3 Part 2-1
No ratings yet
Module 3 Part 2-1
15 pages
What Are Cookies
No ratings yet
What Are Cookies
13 pages
Session Tracking
No ratings yet
Session Tracking
38 pages
Unit 5
No ratings yet
Unit 5
16 pages
Introduction TO WEB
No ratings yet
Introduction TO WEB
40 pages
WT UNIT-II & III
No ratings yet
WT UNIT-II & III
138 pages
JSP
No ratings yet
JSP
250 pages
Algebra 1 Task
No ratings yet
Algebra 1 Task
2 pages
Academic Writing Notes: ST ND RD
No ratings yet
Academic Writing Notes: ST ND RD
2 pages
Solves The Size and Speed Problem: LESSON 1 (Access Parts) 3 Solutions That Access Solves On Data Problems
No ratings yet
Solves The Size and Speed Problem: LESSON 1 (Access Parts) 3 Solutions That Access Solves On Data Problems
8 pages
Variables and Data Types
No ratings yet
Variables and Data Types
1 page
Essay
No ratings yet
Essay
1 page
Graphic Design Fundamentals
No ratings yet
Graphic Design Fundamentals
3 pages
Effects of Caffeine On Cognitive Function
No ratings yet
Effects of Caffeine On Cognitive Function
4 pages
ServletConfig, ServletContext, ServletContextListener
No ratings yet
ServletConfig, ServletContext, ServletContextListener
1 page
Religion
100% (1)
Religion
2 pages
RESTful Web API Design
100% (5)
RESTful Web API Design
61 pages
CSS3 Tags.: Name: Vijeta Roll-No.:55 Assignment 2: Design A Web Page To Demonstrate The Use of
No ratings yet
CSS3 Tags.: Name: Vijeta Roll-No.:55 Assignment 2: Design A Web Page To Demonstrate The Use of
8 pages
The Cookie Monster in Our Browsers
No ratings yet
The Cookie Monster in Our Browsers
77 pages
AstroShock PPT by Debottam Mukherjee Final
No ratings yet
AstroShock PPT by Debottam Mukherjee Final
9 pages
Werkzeug en
No ratings yet
Werkzeug en
126 pages
Dept Work Allocation System
No ratings yet
Dept Work Allocation System
100 pages
Java - How Do Servlets Work? Instantiation, Sessions, Shared Variables and Multithreading
No ratings yet
Java - How Do Servlets Work? Instantiation, Sessions, Shared Variables and Multithreading
3 pages
FINAL REPORT (1)
No ratings yet
FINAL REPORT (1)
16 pages
Introduction To Search Engine Optimization
No ratings yet
Introduction To Search Engine Optimization
22 pages
Chapter 3 Website Optimization 1
No ratings yet
Chapter 3 Website Optimization 1
55 pages
Using Zend Framework 2
100% (1)
Using Zend Framework 2
506 pages
HTML Class-2 (Background & Text)
No ratings yet
HTML Class-2 (Background & Text)
3 pages
Joomla Pharma' Hack Peter Tasker
100% (1)
Joomla Pharma' Hack Peter Tasker
6 pages
SSS
No ratings yet
SSS
1 page
Term Paper WD
No ratings yet
Term Paper WD
1 page
OSS Lab With Outputs
No ratings yet
OSS Lab With Outputs
24 pages
Lab No-11 Date: 07/04/2016: ICT-2101: Object Oriented Design and Programming Lab
No ratings yet
Lab No-11 Date: 07/04/2016: ICT-2101: Object Oriented Design and Programming Lab
6 pages
HTML
No ratings yet
HTML
44 pages
Angular Succinctly
No ratings yet
Angular Succinctly
124 pages
10. CSS Grid Layout
No ratings yet
10. CSS Grid Layout
19 pages
De SOTO - Know Your Onions
No ratings yet
De SOTO - Know Your Onions
220 pages
Minor Project Synopsis: Software Download Website
No ratings yet
Minor Project Synopsis: Software Download Website
5 pages
Vue Typescript Example: Build A CRUD Application - BezKoder
100% (1)
Vue Typescript Example: Build A CRUD Application - BezKoder
33 pages
All Passwords (60)
No ratings yet
All Passwords (60)
37 pages
Javascript Cheat Sheet
No ratings yet
Javascript Cheat Sheet
1 page
PHP Header
No ratings yet
PHP Header
4 pages
20480B Programming in HTML5 With JavaScript and CSS3
No ratings yet
20480B Programming in HTML5 With JavaScript and CSS3
11 pages
Different Types of Error Messages in Web Application Testing
No ratings yet
Different Types of Error Messages in Web Application Testing
3 pages
CSS The Adjacent-Sibling Selector
No ratings yet
CSS The Adjacent-Sibling Selector
4 pages

Managing States

Uploaded by

Managing States

Uploaded by

Managing States

- Way of clients and server speaks

Because HTTP is stateless there are 4 traditional techniques to manage states

You might also like