Fat URLs Client Identification
A user-specific identification code is appended to every URL.
HTTP The Definitive Guide
Some web sites keep track of user identity by generating special versions of each URL for each user.
Typically, a real URL is extended by adding some state information to the start or end of the URL
path. As the user browses the site, the web server dynamically generates hyperlinks that continue to
maintain the state information in the URLs.
URLs modified to include user state information are called fat URLs. The following are some example
fat URLs used in the Amazon.com e-commerce web site. Each URL is suffixed by a user-unique
identification number (002-1145265-8016838, in this case) that helps track a user as she browses the
store.
...
<a href="/exec/obidos/tg/browse/-/229220/ref=gr_gifts/002-1145265-8016838">All Gifts</a><br>
<a href="/exec/obidos/wishlist/ref=gr_pl1_/002-1145265-8016838">Wish List</a><br>
...
<a href="http://s1.amazon.com/exec/varzea/tg/armed-forces/-//ref=gr_af_/002-1145265-8016838">Salute Our Troops</a><br>
<a href="/exec/obidos/tg/browse/-/749188/ref=gr_p4_/002-1145265-8016838">Free Shipping</a><br>
<a href="/exec/obidos/tg/browse/-/468532/ref=gr_returns/002-1145265-8016838">Easy Returns</a>
...
You can use fat URLs to tie the independent HTTP transactions with a web server into a single
"session" or "visit." The first time a user visits the web site, a unique ID is generated, it is added to the
URL in a server-recognizable way, and the server redirects the client to this fat URL. Whenever the
server gets a request for a fat URL, it can look up any incremental state associated with that user ID
(shopping carts, profiles, etc.), and it rewrites all outgoing hyperlinks to make them fat, to maintain
the user ID.
Fat URLs can be used to identify users as they browse a site. But this technology does have several
serious problems. Some of these problems include:
Ugly URLs
The fat URLs displayed in the browser are confusing for new users.
Can't share URLs
The fat URLs contain state information about a particular user and session. If you mail that
URL to someone else, you may inadvertently be sharing your accumulated personal
information.
Breaks caching
Generating user-specific versions of each URL means that there are no longer commonly
accessed URLs to cache.
Extra server load
The server needs to rewrite HTML pages to fatten the URLs.
Escape hatches
It is too easy for a user to accidentally "escape" from the fat URL session by jumping to
another site or by requesting a particular URL. Fat URLs work only if the user strictly follows
the premodified links. If the user escapes, he may lose his progress (perhaps a filled shopping
cart) and will have to start again.
Not persistent across sessions
All information is lost when the user logs out, unless he bookmarks the particular fat URL.
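The redirect, lookup and link-rewriting steps described above, together with the "Can't share URLs" and "Escape hatches" problems, as an added sketch that is not code from the book or from Amazon. The ID layout is assumed from the sample 002-1145265-8016838; the function names, the in-memory SESSIONS store and the example.org link are hypothetical.

```python
import re
import secrets

# Assumed ID shape, modelled on the page's sample 002-1145265-8016838.
ID_RE = re.compile(r"/(\d{3}-\d{7}-\d{7})$")
HREF_RE = re.compile(r'href="([^"]*)"')

SESSIONS = {}  # session ID -> per-user state (here: a shopping cart)

# Constructed sample page: one same-site link, one off-site link.
PAGE = ('<a href="/exec/obidos/wishlist/ref=gr_pl1_">Wish List</a>'
        '<a href="http://example.org/">Elsewhere</a>')

def new_session_id():
    """Generate an unpredictable ID in the same 3-7-7 digit layout."""
    d = "".join(secrets.choice("0123456789") for _ in range(17))
    return f"{d[:3]}-{d[3:10]}-{d[10:]}"

def split_fat_url(path):
    """Return (real_path, session_id); session_id is None for a plain URL."""
    m = ID_RE.search(path)
    return (path[:m.start()], m.group(1)) if m else (path, None)

def fatten_links(html, session_id):
    """Append the ID to same-site links; off-site links stay thin."""
    def repl(m):
        url = m.group(1)
        if url.startswith("/") and not url.startswith("//"):
            url = f"{url.rstrip('/')}/{session_id}"
        return f'href="{url}"'
    return HREF_RE.sub(repl, html)

def handle(path, page_html):
    """Return (status, body_or_location, session_id) for one request."""
    real_path, sid = split_fat_url(path)
    if sid not in SESSIONS:
        # Plain URL, or an ID the server never issued: mint a fresh one
        # rather than adopting a client-chosen value, then redirect.
        sid = new_session_id()
        SESSIONS[sid] = {"cart": []}
        return 302, f"{real_path.rstrip('/')}/{sid}", sid
    # Known ID: the URL is the only credential, so whoever presents it
    # gets this session's state and links fattened with the same ID.
    return 200, fatten_links(page_html, sid), sid
```

Requesting the returned Location a second time, from any client, yields the same session ID and cart, which is why a mailed or pasted fat URL shares the sender's state. The off-site link is left unrewritten, so following it is the "escape" the list describes.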