Fat URLs Client Identification
w在每个URL后面都附加一个用户特有的标识码。
HTTP The Definitive Guide
Some web sites keep track of user identity by generating special versions of each URL for each user.
Typically, a real URL is extended by adding some state information to the start or end of the URL
path. As the user browses the site, the web server dynamically generates hyperlinks that continue to
maintain the state information in the URLs.
URLs modified to include user state information are called fat URLs. The following are some example
fat URLs used in the Amazon.com e-commerce web site. Each URL is suffixed by a user-unique
identification number (002-1145265-8016838, in this case) that helps track a user as she browses the
store.
...
<a href="/exec/obidos/tg/browse/-/229220/ref=gr_gifts/002-
1145265-8016838">All
Gifts</a><br>
<a href="/exec/obidos/wishlist/ref=gr_pl1_/002-1145265-
8016838">Wish List</a><br>
...
<a href="http://s1.amazon.com/exec/varzea/tg/armed-forces/-
//ref=gr_af_/002-1145265-
8016838">Salute Our Troops</a><br>
<a href="/exec/obidos/tg/browse/-/749188/ref=gr_p4_/002-
1145265-8016838">Free
Shipping</a><br>
<a href="/exec/obidos/tg/browse/-/468532/ref=gr_returns/002-
1145265-8016838">Easy
Returns</a>
...
You can use fat URLs to tie the independent HTTP transactions with a web server into a single
"session" or "visit." The first time a user visits the web site, a unique ID is generated, it is added to the
URL in a server-recognizable way, and the server redirects the client to this fat URL. Whenever the
server gets a request for a fat URL, it can look up any incremental state associated with that user ID
(shopping carts, profiles, etc.), and it rewrites all outgoing hyperlinks to make them fat, to maintain
the user ID.
Fat URLs can be used to identify users as they browse a site. But this technology does have several
serious problems. Some of these problems include:
Ugly URLs
The fat URLs displayed in the browser are confusing for new users.
Can't share URLs
The fat URLs contain state information about a particular user and session. If you mail that
URL to someone else, you may inadvertently be sharing your accumulated personal
information.
Breaks caching
Generating user-specific versions of each URL means that there are no longer commonly
accessed URLs to cache.
Extra server load
The server needs to rewrite HTML pages to fatten the URLs.
Escape hatches
It is too easy for a user to accidentally "escape" from the fat URL session by jumping to
another site or by requesting a particular URL. Fat URLs work only if the user strictly follows
the premodified links. If the user escapes, he may lose his progress (perhaps a filled shopping
cart) and will have to start again.
Not persistent across sessions
All information is lost when the user logs out, unless he bookmarks the particular fat URL.
Fat URLs Client Identification的更多相关文章
- The Personal Touch Client Identification 个性化接触 客户识别
w服务器要知道和谁在交谈. HTTP The Definitive Guide Web servers may talk to thousands of different clients simul ...
- Technical analysis of client identification mechanisms
http://www.chromium.org/Home/chromium-security/client-identification-mechanisms Chromium > Chro ...
- Cookies and Session Tracking Client Identification cookie与会话跟踪 客户端识别
w HTTP The Definitive Guide Cookies can be used to track users as they make multiple transactions to ...
- Client IP Address Client Identification
HTTP The Definitive Guide Early web pioneers tried using the IP address of the client as a form of i ...
- Cookies, Security, and Privacy Client Identification
w HTTP The Definitive Guide Cookies themselves are not believed to be a tremendous security risk, be ...
- Cookies and Caching Client Identification
w HTTP The Definitive Guide 11.6.9 Cookies and Caching You have to be careful when caching documents ...
- combined with the Referer header, to potentially build an exhaustive data set of user profiles and browsing habits Client Identification
w https://www.zhihu.com/question/35307626 w 0-客户端(附加用户信息)首次请求服务端--->服务端生成session(有唯一性).session_id ...
- Cookies Client Identification
HTTP The Definitive Guide Cookies are the best current way to identify users and allow persistent se ...
- HTTP Headers Client Identification
用户信息通过HTTP头部承载:不能实现用户唯一性标识. w HTTP The Definitive Guide Table 11-1 shows the seven HTTP request head ...
随机推荐
- 问题-Ctrl+F7跟踪值时提示“Function to be called, TGGLPolyhedron3d.AsString, was eliminated by linker”
问题现象:F9运行程序后,选中一个对象,Ctrl+F7跟踪值时,调用对象的某一个方法提示“Function to be called, TGGLPolyhedron3d.AsString, was e ...
- jq 按回车键 登陆
$("body").keydown(function(e) { if (event.which == "13") {//keyCode= ...
- [android] AndroidManifest.xml【 manifest -> permission-tree 和 manifest -> permission-group】
permission-tree 权限树 <permission-tree android:icon="drawable resource" android:label=&qu ...
- Lifecycle for overriding binding, validation, etc,易于同其它View框架(Tiles等)无缝集成,采用IOC便于测试。
Lifecycle for overriding binding, validation, etc,易于同其它View框架(Tiles等)无缝集成,采用IOC便于测试. 它是一个典型的教科书式的mvc ...
- List接口的实现类与ArrayList相似,区别是Vector是重量级的组件,使用使消耗的资源比较多
List接口的实现类(Vector)(与ArrayList相似,区别是Vector是重量级的组件,使用使消耗的资源比较多.) 结论:在考虑并发的情况下用Vector(保证线程的安全). 在不考虑并发的 ...
- 正向工程、逆向工程与MDA
正向工程.逆向工程与MDA 正向工程:从UML图形生成代码: 逆向工程:从代码和成UML图形: //不要依赖于正向或逆向工程,仅是一种辅助手段.画图的目的不是为了生成代码:而写代码的目的也不是为了生成 ...
- php -- 魔术方法 之 获取属性:__get()
属性重载:当访问一个不存在或者权限不够的属性的时候,能够触发一系列的魔术方法,就叫做属性重载 __get():获取不存在或者权限不够的属性的时候会自动触发 <?php header('Conte ...
- pydoc介绍
Ka-Ping Yee 曾创建了一个相当著名的模块,名叫 pydoc (比较而言: pydoc 可以做到 perldoc 所能做的任何事,并且做得更好.更漂亮:-).对于 Python 2.1 来说, ...
- EF 序列化实体为Json时的循环引用问题(不用自己写实体,不用匿名类型,不用EF的上下文属性)
自己写实体可以完美解决这个问题.(支持时间格式自定义) 用匿名类型也可以. 设置上下文方法如下: (jz为数据库上下文对象) jz.Configuration.ProxyCreationEnabled ...
- pl/sql developer导出数据到excel的方法
http://yedward.net/?id=92 问题说明:使用pl/sql developer导出数据到excel表格中是非常有必要的,一般的可能直接在导出的时候选择csv格式即可,因为该格式可以 ...