State Representation in HTTP
HTTP, the protocol over which the web is built, is a stateless protocol. Each HTTP request is user session context independent, and the server is, on the HTTP protocol level, unaware of any relationship between consecutive requests.
This has made HTTP a highly scalable and versatile protocol. However, in most Web applications some notion of a user session – that is short-term, user specific data storage, is required.
For example, without some sort of state representation a web application cannot distinguish between logged-in users (or technically put, requests coming from an HTTP client that has logged in) and non logged-in users. In many cases even more complex data, such as the contents of a shopping cart, must be maintained between requests and attached to a specific user or browser.
HTTP leaves the solution of such problems to the application. In the PHP world, as in most web-oriented platforms, two main standard methods exist for storing short-term user specific data: Cookies and Sessions.
HTTP Cookies
Cookies are set by the server, and are stored by the browser on the end user’s machine. Browsers will re-send a Cookie to the same domain in which it originated, until it expires. This allows storing limited amounts of user-specific information and making them available to the application on each request made by the same user. Cookies are convenient and scalable (no storage is required on the server side), but are also limited due to a number of reasons:
Cookies are limited in size, and the limit varies per browser. Even if the limit is high, large amounts of data sent back and forth in each request may have a negative effect on performance and bandwidth consumption.
Cookies are sent repeatedly, on each request to the server. This means that any sensitive data contained in cookies is exposed to sniffing attacks, unless HTTPS is constantly used – which is in most cases not an effective option.
Cookies store strings – storing other, more complex types of information will require serialization and de-serialization to be handled in the application level.
Cookie data is stored on the client side – and as such, is exposed to manipulation and forgery by end users, and cannot be trusted by the server.
These limitations make it almost impossible to rely on Cookies to solve all state representation problems. As a better solution, PHP offers the Sessions concept.
skip to main |
skip to sidebar
Stat Counter
Total Pageviews
Popular Posts
-
Sukrit Infotech offer end to end solution in website designing, development, hosting and maintenance support. our services like providing h...
-
Even though both Magento and Joomla are open origin results for web developers however there are various distinctions between them. Both...
-
Which Company offers Joomla maintenance packages for those who use the Joomla stage to run and control their sites and need the true sere...
-
Php or Hypertext Preprocessor is an open-source, broadly useful server-side scripting language which is considerably used to advance chang...
-
Joomla WordPress, Joomla, Magento. Well in previous article I explain the some differences and similarities between the Joomla an...
-
Browsers can load page elements in parallel. Specifying different domains for media, skin, and JavaScript URLs in the Magento Enterprise Edi...
-
2012 has skilled us with some visible enhancements in e-commerce web development front like Responsive design for both desktop & mobi...
-
Altering the add of articles is a two-stage handle in the Joomla content management system(CMS). You will reorder first in Joomla's Ar...
-
There are various types of online marketing methods to choose from including PPC, SEO, SMO and email marketing. It is a well-known fact th...
-
The e-commerce industry is booming these days. Every year, it is quite easy to notice the launch of new e-stores. The prime aim of the e-s...
Category List
- affordable website development (47)
- android app developer (7)
- android application developer (11)
- application velopment (7)
- hire php programmer (25)
- internet marketing company (1)
- joomla web design (2)
- joomla web design company (19)
- joomla website development (1)
- joomla website development (25)
- mageno development india (19)
- mobile application development (28)
- mobile application development company (19)
- online marketing company (2)
- pay per click company (36)
- pay per click management (3)
- pay Per click services (1)
- php developers india (4)
- php developers ndia (16)
- php programmer india (1)
- seo company india (28)
- seo services companies (24)
- web development company (29)
- Web maintenance services (19)
- web portal design (1)
- website design company (24)
- website development company (26)
- website maintenance company (38)
- wordpress design companies (10)
- wordpress development company (35)
Blog Archive
-
▼
2012
(23)
-
▼
January
(17)
- Relational Database Storage
- Existing Session Storage Engines
- Background: PHP Sessions
- Magento: Using Parallel Connections
- Magento: Number of HTTP Requests per Page
- Caching in Magento Enterprise Edition-II
- Caching in Magento Enterprise Edition-I
- Caching in Magento Enterprise Edition
- Magento: Scaling Web Nodes
- Magento: Handling Sessions
- Magento: Scalability
- Megento: Working with JavaScript-II
- Megento: Working with JavaScript-I
- Megento: Working with JavaScript
- What is Code Tracing?
- Zend Server as Bottleneck Breaker
- Anatomy of a Deployment Bottleneck
-
▼
January
(17)
www.sukritinfotech.com. Powered by Blogger.
Blog Archive
-
▼
2012
(23)
-
▼
January
(17)
- Relational Database Storage
- Existing Session Storage Engines
- Background: PHP Sessions
- Magento: Using Parallel Connections
- Magento: Number of HTTP Requests per Page
- Caching in Magento Enterprise Edition-II
- Caching in Magento Enterprise Edition-I
- Caching in Magento Enterprise Edition
- Magento: Scaling Web Nodes
- Magento: Handling Sessions
- Magento: Scalability
- Megento: Working with JavaScript-II
- Megento: Working with JavaScript-I
- Megento: Working with JavaScript
- What is Code Tracing?
- Zend Server as Bottleneck Breaker
- Anatomy of a Deployment Bottleneck
-
▼
January
(17)
0 comments:
Post a Comment