用户信息通过HTTP头部承载:不能实现用户唯一性标识。

w

HTTP The Definitive Guide

Table 11-1 shows the seven HTTP request headers that most commonly carry information about the
user. We'll discuss the first three now; the last four headers are used for more advanced identification
techniques that we'll discuss later.

The From header contains the user's email address. Ideally, this would be a viable source of user
identification, because each user would have a different email address. However, few browsers send From headers, due to worries of unscrupulous servers collecting email addresses and using them for
junk mail distribution. In practice, From headers are sent by automated robots or spiders so that if
something goes astray, a webmaster has someplace to send angry email complaints.
The User-Agent header tells the server information about the browser the user is using, including the
name and version of the program, and often information about the operating system. This sometimes
is useful for customizing content to interoperate well with particular browsers and their attributes, but
that doesn't do much to help identify the particular user in any meaningful way. Here are two User-
Agent headers, one sent by Netscape Navigator and the other by Microsoft Internet Explorer:
Navigator 6.2

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-
US; rv:0.9.4) Gecko/20011128
Netscape6/6.2.1
Internet Explorer 6.01

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.0)
The Referer header provides the URL of the page the user is coming from. The Referer header alone
does not directly identify the user, but it does tell what page the user previously visited. You can use
this to better understand user browsing behavior and user interests. For example, if you arrive at a web
server coming from a baseball site, the server may infer you are a baseball fan.
The From, User-Agent, and Referer headers are insufficient for dependable identification purposes.
The remaining sections discuss more precise schemes to identify particular users.

HTTP Headers Client Identification的更多相关文章

  1. Technical analysis of client identification mechanisms

    http://www.chromium.org/Home/chromium-security/client-identification-mechanisms Chromium‎ > ‎Chro ...

  2. Client IP Address Client Identification

    HTTP The Definitive Guide Early web pioneers tried using the IP address of the client as a form of i ...

  3. The Personal Touch Client Identification 个性化接触 客户识别

    w服务器要知道和谁在交谈. HTTP The Definitive Guide Web servers may talk to thousands of different clients simul ...

  4. Cookies and Caching Client Identification

    w HTTP The Definitive Guide 11.6.9 Cookies and Caching You have to be careful when caching documents ...

  5. Cookies and Session Tracking Client Identification cookie与会话跟踪 客户端识别

    w HTTP The Definitive Guide Cookies can be used to track users as they make multiple transactions to ...

  6. Cookies Client Identification

    HTTP The Definitive Guide Cookies are the best current way to identify users and allow persistent se ...

  7. Fat URLs Client Identification

    w在每个URL后面都附加一个用户特有的标识码. HTTP The Definitive Guide Some web sites keep track of user identity by gene ...

  8. Cookies, Security, and Privacy Client Identification

    w HTTP The Definitive Guide Cookies themselves are not believed to be a tremendous security risk, be ...

  9. combined with the Referer header, to potentially build an exhaustive data set of user profiles and browsing habits Client Identification

    w https://www.zhihu.com/question/35307626 w 0-客户端(附加用户信息)首次请求服务端--->服务端生成session(有唯一性).session_id ...

随机推荐

  1. matlab保存画框图像去白边

    在matlab图像处理中,为了标识出图像的目标区域来,需要利用plot函数或者rectangle函数,这样标识目标后,就保存图像. 一般saves保存的图像存在白边,可以采用imwrite对图像进行保 ...

  2. 自己构造用于异步请求的JSON数据

    有时候.serialize()或者.serializeJSON()莫名其妙的不能按照我们的要求将数据序列化. 或者其他什么问题然我们需要自己惊醒JSON数据的构造.因为js对JSON的支持做的比较好, ...

  3. Windows Phone 解析手机型号DeviceStatus.DeviceName

    问题的产生 在WP开发过程中难免遇到统计等相关的数据回收,那么当使用DeviceStatus.DeviceName这个来获取设备的名称时经常会得到类似下面的设备信息:     可以看出这样的数据很不直 ...

  4. Java调用doNet webService方法

    doNet的webService 浏览器访问测试地址:http://192.168.4.17/JLWWS/sendCommand.asmx,出现 点击getDeviceValue方法,出现 上图的xm ...

  5. Libgdx window add alpha action change the background actor alpha

    现象: Stage中包括一个Window,一个Actor,Window中加入alpha action后,Actor也随之消失:Actor加入alpha action后,不起作用. 解决: 重写draw ...

  6. JAVA会将所有的错误封装成为一个对象,其根本父类为Throwable

    JAVA会将所有的错误封装成为一个对象,其根本父类为Throwable. Throwable有两个子类:Error和Exception. 一个Error对象表示一个程序错误,指的是底层的.低级的.不可 ...

  7. php -- php的事务处理

    MYSQL的事务处理主要有两种方法. 1.用begin,rollback,commit来实现 begin 开始一个事务 rollback 事务回滚 commit 事务确认 2.直接用set来改变mys ...

  8. php -- instanceof、class_exists、insterface_exists、method_exists、get_class、get_parent_class

    class_exists:类是否存在 在创建对象之前判断类是否存在,如果不存在就应该先加载类,再创建对象,容错. interface_exists:接口是否存在 method_exists:方法是否存 ...

  9. Centos下使用压缩包安装MySQL5.7

    今天在自己的centos服务器上安装mysql,碰到的问题相当的多,装个mysql远比在windows复杂的多.这里通过查找的一些博文(包括前几篇)来记录安装mysql时的各种问题.可能步骤不完整,当 ...

  10. hdu 4928 Series 2 (优化+模拟)

    题意: 一个含n个数的序列a,每两个相邻的数相减得到一个新数,这些数组成一个新的序列. 假设全部得到的序列都满足非严格的单调性.则原序列为nice series.假设给出的序列 本来不满足单调性.它是 ...