User information carried in HTTP headers: it cannot uniquely identify a user.

HTTP The Definitive Guide

Table 11-1 shows the seven HTTP request headers that most commonly carry information about the
user. We'll discuss the first three now; the last four headers are used for more advanced identification
techniques that we'll discuss later.

The From header contains the user's email address. Ideally, this would be a viable source of user
identification, because each user would have a different email address. However, few browsers send
From headers, due to worries of unscrupulous servers collecting email addresses and using them for
junk mail distribution. In practice, From headers are sent by automated robots or spiders so that if
something goes astray, a webmaster has someplace to send angry email complaints.

The User-Agent header tells the server information about the browser the user is using, including the
name and version of the program, and often information about the operating system. This sometimes
is useful for customizing content to interoperate well with particular browsers and their attributes, but
that doesn't do much to help identify the particular user in any meaningful way. Here are two
User-Agent headers, one sent by Netscape Navigator and the other by Microsoft Internet Explorer:

Navigator 6.2

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.4) Gecko/20011128 Netscape6/6.2.1

Internet Explorer 6.01

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)

The Referer header provides the URL of the page the user is coming from. The Referer header alone
does not directly identify the user, but it does tell what page the user previously visited. You can use
this to better understand user browsing behavior and user interests. For example, if you arrive at a web
server coming from a baseball site, the server may infer you are a baseball fan.

The From, User-Agent, and Referer headers are insufficient for dependable identification purposes.
The remaining sections discuss more precise schemes to identify particular users.
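
The following is an added example, not code from the book or from this post. It parses a few raw request heads and shows why the (From, User-Agent, Referer) triple fails as an identifier: two different users share one triple, and one user appears under two. The user labels, host names, and the ExampleBot agent string are constructed for illustration.

```python
from collections import defaultdict

IE6 = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
NS6 = ("Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.4) "
       "Gecko/20011128 Netscape6/6.2.1")

def request(ua, referer=None, sender=None):
    """Build a constructed raw request head for the samples below."""
    lines = ["GET /scores HTTP/1.1", "Host: www.example.com", "User-Agent: " + ua]
    if referer:
        lines.append("Referer: " + referer)
    if sender:
        lines.append("From: " + sender)
    return "\r\n".join(lines) + "\r\n\r\n"

# Constructed sample traffic: (ground-truth user, raw request head).
SAMPLES = [
    ("alice", request(IE6, "http://baseball.example/")),
    ("bob", request(IE6, "http://baseball.example/")),
    ("alice", request(IE6, "http://news.example/")),
    ("carol", request(NS6)),
    ("robot", request("ExampleBot/1.0", sender="webmaster@crawler.example")),
]

def parse_headers(raw):
    """Return {lower-cased field name: value} from a raw request head."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def identity_key(raw):
    """The (From, User-Agent, Referer) triple a server might try to use as an ID."""
    h = parse_headers(raw)
    return (h.get("from"), h.get("user-agent"), h.get("referer"))

def evaluate(samples):
    """Find keys shared by several users, and users seen under several keys."""
    users_by_key, keys_by_user = defaultdict(set), defaultdict(set)
    for user, raw in samples:
        key = identity_key(raw)
        users_by_key[key].add(user)
        keys_by_user[user].add(key)
    collisions = {k: u for k, u in users_by_key.items() if len(u) > 1}
    splits = {u: k for u, k in keys_by_user.items() if len(k) > 1}
    return collisions, splits
```

Calling `evaluate(SAMPLES)` returns the colliding triples and the users who were split across several triples. All three fields are also supplied by the client, so none of them should gate access to anything.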
