用户信息通过HTTP头部承载:不能实现用户唯一性标识。

w

HTTP The Definitive Guide

Table 11-1 shows the seven HTTP request headers that most commonly carry information about the
user. We'll discuss the first three now; the last four headers are used for more advanced identification
techniques that we'll discuss later.

The From header contains the user's email address. Ideally, this would be a viable source of user
identification, because each user would have a different email address. However, few browsers send From headers, due to worries of unscrupulous servers collecting email addresses and using them for
junk mail distribution. In practice, From headers are sent by automated robots or spiders so that if
something goes astray, a webmaster has someplace to send angry email complaints.
The User-Agent header tells the server information about the browser the user is using, including the
name and version of the program, and often information about the operating system. This sometimes
is useful for customizing content to interoperate well with particular browsers and their attributes, but
that doesn't do much to help identify the particular user in any meaningful way. Here are two User-
Agent headers, one sent by Netscape Navigator and the other by Microsoft Internet Explorer:
Navigator 6.2

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-
US; rv:0.9.4) Gecko/20011128
Netscape6/6.2.1
Internet Explorer 6.01

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.0)
The Referer header provides the URL of the page the user is coming from. The Referer header alone
does not directly identify the user, but it does tell what page the user previously visited. You can use
this to better understand user browsing behavior and user interests. For example, if you arrive at a web
server coming from a baseball site, the server may infer you are a baseball fan.
The From, User-Agent, and Referer headers are insufficient for dependable identification purposes.
The remaining sections discuss more precise schemes to identify particular users.

HTTP Headers Client Identification的更多相关文章

  1. Technical analysis of client identification mechanisms

    http://www.chromium.org/Home/chromium-security/client-identification-mechanisms Chromium‎ > ‎Chro ...

  2. Client IP Address Client Identification

    HTTP The Definitive Guide Early web pioneers tried using the IP address of the client as a form of i ...

  3. The Personal Touch Client Identification 个性化接触 客户识别

    w服务器要知道和谁在交谈. HTTP The Definitive Guide Web servers may talk to thousands of different clients simul ...

  4. Cookies and Caching Client Identification

    w HTTP The Definitive Guide 11.6.9 Cookies and Caching You have to be careful when caching documents ...

  5. Cookies and Session Tracking Client Identification cookie与会话跟踪 客户端识别

    w HTTP The Definitive Guide Cookies can be used to track users as they make multiple transactions to ...

  6. Cookies Client Identification

    HTTP The Definitive Guide Cookies are the best current way to identify users and allow persistent se ...

  7. Fat URLs Client Identification

    w在每个URL后面都附加一个用户特有的标识码. HTTP The Definitive Guide Some web sites keep track of user identity by gene ...

  8. Cookies, Security, and Privacy Client Identification

    w HTTP The Definitive Guide Cookies themselves are not believed to be a tremendous security risk, be ...

  9. combined with the Referer header, to potentially build an exhaustive data set of user profiles and browsing habits Client Identification

    w https://www.zhihu.com/question/35307626 w 0-客户端(附加用户信息)首次请求服务端--->服务端生成session(有唯一性).session_id ...

随机推荐

  1. JVM基础学习之类的加载、链接和初始化

    本文我们一起讨论Java类的加载.链接和初始化. Java字节代码的表现形式是字节数组(byte[]),而Java类在JVM中的表现形式是 java.lang.Class类 的对象.一个Java类从字 ...

  2. wpa_cli 连接 wifi(转)

    wpa_cli 连接 wifi 转自:http://hi.baidu.com/yyangjjun/item/9dfe8e175439fc7a1009b5ba   1: run wpa_supplica ...

  3. libjpeg.a exists or that its path is correct

    Android NDK: ERROR:/cygdrive/e/cocos2d-x/code/cocos2d-2.1rc0-x-2.1.3/HelloTest1/proj.android/../../c ...

  4. 2、Reactive Extensions for .NET(译)

    实验3-引入 .net 中的 events 到 Rx 目标:前面实验中的使用各种工厂构造方法创建一个 可观察序列是一个部分.把 .net 中现有的异步数据源进行关联 是更重要的事情.在这次实验中我们将 ...

  5. Ubuntu下安装RabbbitVCS(图形化svn管理工具)- Ubuntu也有TortoiseSVN

    在Windows下用惯了TortoiseSVN这只小乌龟,到了Ubuntu下很不习惯命令行的SVN,于是经过一番寻找安装了RabbitVCS这款SVN图形化前端工具(官方网站:http://rabbi ...

  6. 解决在eclipse中配置Tomcat时,出现"Cannot create a server using the selected type"的错误

    比如说使用tomcat 这是因为你之前创建过一次,比如说tomcat6,你指定的目录是:D:/tomcat-6.0.3 后来因为某种原因你把tomcat删了,然后你又安装到了E:/tomcat-6.0 ...

  7. onResume

    比如做一个音乐播放程序,在播放过程中,突然有电话打进来了,这时系统自动调出电话,而你的音乐播放程序置于后台,触发了onPause方法.当你电话结束后,关闭电话,又自动回到音乐播放程序,此时,触发onR ...

  8. 开启Visual Studio 2013时,出现Microsoft.VisualStudio.Web.PasteJson.JsonPackage无法载入的可能解決方案

    1.先下载:http://www.jb51.net/dll/Microsoft.VisualStudio.Web.PasteJson.dll.html Microsoft.VisualStudio.W ...

  9. Tomcat热部署及错误排查

    Maven的热部署 第一步:配置Tomcat的登陆的用户名与密码 C:\apache-tomcat-7.0.33\conf\ tomcat-users.xml  从第36行开始配置     <r ...

  10. 微信小程序 - toptip效果

    在Page顶部下滑一个提示条 , 代码见 /mixins/UIComponent.js ,其中的self 可以认为是微信小程序的Page对象 效果: 默认2秒展示,上移动画隐藏 /** * 展示顶部 ...