用户信息通过HTTP头部承载:不能实现用户唯一性标识。

w

HTTP The Definitive Guide

Table 11-1 shows the seven HTTP request headers that most commonly carry information about the
user. We'll discuss the first three now; the last four headers are used for more advanced identification
techniques that we'll discuss later.

The From header contains the user's email address. Ideally, this would be a viable source of user
identification, because each user would have a different email address. However, few browsers send From headers, due to worries of unscrupulous servers collecting email addresses and using them for
junk mail distribution. In practice, From headers are sent by automated robots or spiders so that if
something goes astray, a webmaster has someplace to send angry email complaints.
The User-Agent header tells the server information about the browser the user is using, including the
name and version of the program, and often information about the operating system. This sometimes
is useful for customizing content to interoperate well with particular browsers and their attributes, but
that doesn't do much to help identify the particular user in any meaningful way. Here are two User-
Agent headers, one sent by Netscape Navigator and the other by Microsoft Internet Explorer:
Navigator 6.2

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-
US; rv:0.9.4) Gecko/20011128
Netscape6/6.2.1
Internet Explorer 6.01

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.0)
The Referer header provides the URL of the page the user is coming from. The Referer header alone
does not directly identify the user, but it does tell what page the user previously visited. You can use
this to better understand user browsing behavior and user interests. For example, if you arrive at a web
server coming from a baseball site, the server may infer you are a baseball fan.
The From, User-Agent, and Referer headers are insufficient for dependable identification purposes.
The remaining sections discuss more precise schemes to identify particular users.

HTTP Headers Client Identification的更多相关文章

  1. Technical analysis of client identification mechanisms

    http://www.chromium.org/Home/chromium-security/client-identification-mechanisms Chromium‎ > ‎Chro ...

  2. Client IP Address Client Identification

    HTTP The Definitive Guide Early web pioneers tried using the IP address of the client as a form of i ...

  3. The Personal Touch Client Identification 个性化接触 客户识别

    w服务器要知道和谁在交谈. HTTP The Definitive Guide Web servers may talk to thousands of different clients simul ...

  4. Cookies and Caching Client Identification

    w HTTP The Definitive Guide 11.6.9 Cookies and Caching You have to be careful when caching documents ...

  5. Cookies and Session Tracking Client Identification cookie与会话跟踪 客户端识别

    w HTTP The Definitive Guide Cookies can be used to track users as they make multiple transactions to ...

  6. Cookies Client Identification

    HTTP The Definitive Guide Cookies are the best current way to identify users and allow persistent se ...

  7. Fat URLs Client Identification

    w在每个URL后面都附加一个用户特有的标识码. HTTP The Definitive Guide Some web sites keep track of user identity by gene ...

  8. Cookies, Security, and Privacy Client Identification

    w HTTP The Definitive Guide Cookies themselves are not believed to be a tremendous security risk, be ...

  9. combined with the Referer header, to potentially build an exhaustive data set of user profiles and browsing habits Client Identification

    w https://www.zhihu.com/question/35307626 w 0-客户端(附加用户信息)首次请求服务端--->服务端生成session(有唯一性).session_id ...

随机推荐

  1. layoutSubviews什么时候触发调用

    ios layout机制相关方法 - (CGSize)sizeThatFits:(CGSize)size - (void)sizeToFit ——————- - (void)layoutSubview ...

  2. angularjs 构建主页 内置过滤器、日期的格式化

    从构建负责管理主屏幕的 MainController 开始.在这个 MainController 控制器内,只需设置一个每秒运转一次,同时更新一个局部作用域变量的延时 angular.module(' ...

  3. oracle时间操作结合to_char和to_date使用

    1,按每个10分钟进行分组展示数据 例如 有这么一张表 XATXDAY_FLIGHT(航班飞航表), 有这么一个字段 STD_LOCAL(起飞时间), 要求:统计一天24小时之内每隔10分钟,这10分 ...

  4. [C++]红色波浪线是什么意思

    相关资料:https://zhidao.baidu.com/question/242005953.html 问题现象:在写C++代码时,写的注释都是红色波浪线. 问题原因:波浪线表示 词语拼写错误 字 ...

  5. LinQ的简单使用

    1.LinQ to Sql类(NET Language Integrated Query (LINQ) ) LINQ定义了大约40个查询操作符,如select.from.in.where以及order ...

  6. lua工具库penlight--07函数编程(二)

    列表压缩 列表压缩是以紧凑的方式通过指定的元素创建表.在 Python里,你可以说: ls = [x for x in range(5)]  # == [0,1,2,3,4] 在 Lua,使用pl.c ...

  7. RP2836 OUT0-OUT7 对应关系

    ARM-IO9           OUT0        PA8 备用 P5-A4管脚,可以连接74HC164D级联 ARM-IO10         OUT7        PA1       3 ...

  8. Android——gridLayout(网格布局)

    <?xml version="1.0" encoding="utf-8"?> <GridLayout xmlns:android=" ...

  9. 面向对象设计原则三:里氏替换原则(LSP)

    里氏替换原则(LSP)定义:在任何父类出现的地方都可以用它的子类类替换,且不影响功能.解释说明:其实LSP是对开闭原则的一个扩展,在OO思想中,我们知道对象是由一系列的状态和行为组成的,里氏替换原则说 ...

  10. Libgdx多线程与渲染线程

    http://www.leestorm.com/post/115.html ——————————————————————————————————————————————————————————‘ 大部 ...