w在每个URL后面都附加一个用户特有的标识码。

HTTP The Definitive Guide

Some web sites keep track of user identity by generating special versions of each URL for each user.
Typically, a real URL is extended by adding some state information to the start or end of the URL
path. As the user browses the site, the web server dynamically generates hyperlinks that continue to
maintain the state information in the URLs.
URLs modified to include user state information are called fat URLs. The following are some example
fat URLs used in the Amazon.com e-commerce web site. Each URL is suffixed by a user-unique
identification number (002-1145265-8016838, in this case) that helps track a user as she browses the
store.

...
<a href="/exec/obidos/tg/browse/-/229220/ref=gr_gifts/002-
1145265-8016838">All
Gifts</a><br>
<a href="/exec/obidos/wishlist/ref=gr_pl1_/002-1145265-
8016838">Wish List</a><br>
...
<a href="http://s1.amazon.com/exec/varzea/tg/armed-forces/-
//ref=gr_af_/002-1145265-
8016838">Salute Our Troops</a><br>
<a href="/exec/obidos/tg/browse/-/749188/ref=gr_p4_/002-
1145265-8016838">Free
Shipping</a><br>
<a href="/exec/obidos/tg/browse/-/468532/ref=gr_returns/002-
1145265-8016838">Easy
Returns</a>
...

You can use fat URLs to tie the independent HTTP transactions with a web server into a single
"session" or "visit." The first time a user visits the web site, a unique ID is generated, it is added to the
URL in a server-recognizable way, and the server redirects the client to this fat URL. Whenever the
server gets a request for a fat URL, it can look up any incremental state associated with that user ID
(shopping carts, profiles, etc.), and it rewrites all outgoing hyperlinks to make them fat, to maintain
the user ID.

Fat URLs can be used to identify users as they browse a site. But this technology does have several
serious problems. Some of these problems include:
Ugly URLs

The fat URLs displayed in the browser are confusing for new users.
Can't share URLs

The fat URLs contain state information about a particular user and session. If you mail that
URL to someone else, you may inadvertently be sharing your accumulated personal
information.
Breaks caching

Generating user-specific versions of each URL means that there are no longer commonly
accessed URLs to cache.
Extra server load

The server needs to rewrite HTML pages to fatten the URLs.
Escape hatches

It is too easy for a user to accidentally "escape" from the fat URL session by jumping to
another site or by requesting a particular URL. Fat URLs work only if the user strictly follows
the premodified links. If the user escapes, he may lose his progress (perhaps a filled shopping
cart) and will have to start again.
Not persistent across sessions

All information is lost when the user logs out, unless he bookmarks the particular fat URL.

Fat URLs Client Identification的更多相关文章

  1. The Personal Touch Client Identification 个性化接触 客户识别

    w服务器要知道和谁在交谈. HTTP The Definitive Guide Web servers may talk to thousands of different clients simul ...

  2. Technical analysis of client identification mechanisms

    http://www.chromium.org/Home/chromium-security/client-identification-mechanisms Chromium‎ > ‎Chro ...

  3. Cookies and Session Tracking Client Identification cookie与会话跟踪 客户端识别

    w HTTP The Definitive Guide Cookies can be used to track users as they make multiple transactions to ...

  4. Client IP Address Client Identification

    HTTP The Definitive Guide Early web pioneers tried using the IP address of the client as a form of i ...

  5. Cookies, Security, and Privacy Client Identification

    w HTTP The Definitive Guide Cookies themselves are not believed to be a tremendous security risk, be ...

  6. Cookies and Caching Client Identification

    w HTTP The Definitive Guide 11.6.9 Cookies and Caching You have to be careful when caching documents ...

  7. combined with the Referer header, to potentially build an exhaustive data set of user profiles and browsing habits Client Identification

    w https://www.zhihu.com/question/35307626 w 0-客户端(附加用户信息)首次请求服务端--->服务端生成session(有唯一性).session_id ...

  8. Cookies Client Identification

    HTTP The Definitive Guide Cookies are the best current way to identify users and allow persistent se ...

  9. HTTP Headers Client Identification

    用户信息通过HTTP头部承载:不能实现用户唯一性标识. w HTTP The Definitive Guide Table 11-1 shows the seven HTTP request head ...

随机推荐

  1. http_load使用详解

    1.什么是http_loadhttp_load是一款基于Linux平台的web服务器性能测试工具,用于测试web服务器的吞吐量与负载,web页面的性能. 2.http_load的安装1)下载地址wge ...

  2. map area 标签的使用

    <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title> ...

  3. HTTP Header User-Agent的ctf

    HAHA浏览器分值: 200 据说信息安全小组最近出了一款新的浏览器,叫HAHA浏览器,有些题目必须通过HAHA浏览器才能答对.小明同学坚决不要装HAHA浏览器,怕有后门,但是如何才能过这个需要安装H ...

  4. ajax——实现三级联动下拉列表

    数据库: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3 ...

  5. 小贝_redis 高级应用-事务

    redis高级应用-事务 一.redis的事务 二.redis实现事务 三.redis事务问题 一.redis的事务 事务提供了一种"将多个命令打包,然后一次性.按顺序地运行"的机 ...

  6. gin入门

    Download and install it: $ go get github.com/gin-gonic/gin Import it in your code: import "gith ...

  7. web.xml文件中<mime-mapping>

    http://blog.csdn.net/sccemstanford/article/details/9064155 ————————————————————————————————————————— ...

  8. Servlet开发-----基础及MVC设计模式

    一.Servlet介绍   Servlet本身只是普通的Java类,只有当容器为他创建了ServletConfig和ServletContext时才成为了一个Servlet:   Servlet简单的 ...

  9. Dubbo (开源分布式服务框架)

    Provider 暴露服务方称之为“服务提供者”. Consumer 调用远程服务方称之为“服务消费者”. Registry 服务注册与发现的中心目录服务称之为“服务注册中心”. Monitor 统计 ...

  10. 【BZOJ】1500: [NOI2005]维修数列(splay+变态题)

    http://www.lydsy.com/JudgeOnline/problem.php?id=1500 模板不打熟你确定考场上调试得出来? 首先有非常多的坑点...我遇到的第一个就是,如何pushu ...