Web数据信息储存浅析 Cookie、UserData、SessionStorag

日期:2021-03-22 类型:科技新闻 

关键词:h5小游戏,h5如何制作,免费h5在线制作,h5页面在线制作,测一测h5

Cookie

它是规范的顾客端访问器情况储存方法,将会在访问器诞生没多久就有Cookie了,为何必须Cookie 这个东东?因为HTTP协议书沒有情况,因此必须1个标示/储存来纪录顾客访问器当今的情况,确保顾客访问器和服务器通信时能够了解顾客访问器当今的情况。Cookie便是纪录这个情况的器皿,Cookie在每次恳求的情况下都被带返回服务器,从而确保了Server能够了解访问器当今的情况,因为Cookie会被带返回Server,因此Cookie的內容不可以存太多,数最多不可以超出4K,4K 限定的详细介绍 http://ec.europa.eu/ipg/standards/cookies/index_en.htm
在其中1段內容为:

A browser is only required to store up to 300 cookies overall and maintain only the last 20 from each domain. The maximum size of a cookie is 4K of disk space.

可是在1些情景下将会必须储存超出4K或更多的数据信息,可是这些数据信息无需在每次恳求的情况下被带返回服务器,要是能在顾客的访问器上储存住,而且能够便捷的被Javascript读写能力便可以了,这类要求尤其在广州中山大学型RIA的运用情景下更为的急切,一部分数据信息放在顾客访问器,节省带宽,提升访问速率。HTML5规范早已替大家想起了考虑这类要求的计划方案:sessionStorage , webSqlDatabase, 微软的IE 有 userData 计划方案。


userData
微软对USERDATA的详细介绍: http://msdn2.microsoft.com/en-us/library/ms531424(VS.85).aspx
在其中1段內容为:

Security Alert:For security reasons, a UserData store is available only in the same directory and with the same protocol used to persist the store.
Security Alert:Using this behavior incorrectly can compromise the security of your application. Data in a UserData store is not encrypted and therefore not secure. Any application that has access to the drive where UserData is saved has access to the data. Therefore, it is recommended that you not persist sensitive data like credit card numbers. For more information, see Security Considerations: DHTML and Default Behaviors.
……
The userData behavior persists data across sessions, using one UserData store for each object. The UserData store is persisted in the cache using the save and load methods. Once the UserData store has been saved, it can be reloaded even if Microsoft Internet Explorer has been closed and reopened.
Setting the userData behavior class on the html, head, title, or style object causes an error when the save or load method is called.

 

userData能够在同文件目录同协议书下互相浏览,长期性储存在顾客设备上。最大储存室内空间也增大了许多。userData必须关联到1个Dom元素上应用。在userData的method中有removeAttribute方式。历经检测编码发现removeAttribute方式仿佛并不是很有用,必须应用像cookie到期的方法,才能够完全的删掉1个userData Attribute。
在 http://www.itwen.com/04web/11skill/skill20060918/60588.html 中详细介绍说userData储存在X:\Documents and Settings\当今客户\UserData\ 文件目录下。实际细节MS在userData表明文本文档中沒有实际表明。


sessionStorage
HTML5 规范对 sessionStorage的详细介绍: http://www.whatwg.org/specs/web-apps/current-work/
在其中对 sessionStorage 的详细介绍:

This specification introduces two related mechanisms, similar to HTTP session cookies [RFC2965], for storing structured data on the client side.
The first is designed for scenarios where the user is carrying out a single transaction, but could be carrying out multiple transactions in different windows at the same time.
Cookies dont really handle this case well. For example, a user could be buying plane tickets in two different windows, using the same site. If the site used cookies to keep track of which ticket the user was buying, then as the user clicked from page to page in both windows, the ticket currently being purchased would "leak" from one window to the other, potentially causing the user to buy two tickets for the same flight without really noticing.
To address this, this specification introduces the sessionStorage DOM attribute. Sites can add data to the session storage, and it will be accessible to any page from that origin opened in that window.

Html5 sessionStorage Demo: http://html5demos.com/storage
下面是依据 http://www.blogjava.net/emu/archive/2006/10/04/73385.html 中提到的IE FF 适配userData的检测编码:

拷贝编码
编码以下:

function isIE() {
return !!document.all;
}
function initUserData() {
if (isIE()) document.documentElement.addBehavior("#default#userdata");
}
function saveUserData(key, value) {
var ex;
if (isIE()) {
//IE
with (document.documentElement) try {
load(key);
setAttribute("value", value);
save(key);
return getAttribute("value");
} catch (ex) {
alert(ex.message)
}
} else if (window.sessionStorage) {
//FF 2.0+
try {
sessionStorage.setItem(key, value)
} catch (ex) {
alert(ex);
}
} else {
alert("Error occured in user data saving. your browser do not support user data.");
}
}
function loadUserData(key) {
var ex;
if (isIE()) {
//IE
with (document.documentElement) try {
load(key);
return getAttribute("value");
} catch (ex) {
alert(ex.message); return null;
}
} else if (window.sessionStorage) {
//FF 2.0+
try {
return sessionStorage.getItem(key)
} catch (ex) {
alert(ex)
}
} else {
alert("Error occured in user data loading. your browser do not support user data.")
}
}
function deleteUserData(key) {
var ex;
if (isIE()) {
//IE
with (document.documentElement) try {
load(key);
expires = new Date(3).toUTCString();
save(key);
}
catch (ex) {
alert(ex.message);
}
} else if (window.sessionStorage) {
//FF 2.0+
try {
sessionStorage.removeItem(key)
} catch (ex) {
alert(ex)
}
} else {
alert("Error occured in user data deleting. your browser do not support user data.")
}
}

userData和sessionStorage相互的特性便是:这两个目标都可以以储存比cookie大的多的多內容。而且不容易随每次恳求带返回服务器端。可是依据Html5规范和检测发现userData和sessionStorage有许多地区是不一样的。

下面是1个检测网页页面:
 

在其中的 SetInsurance link 会实际操作javascript 在IE下用userData写数据信息, 在FF下用sessionStore写数据信息。在IE下的状况是:关掉IE或重新启动设备写入的值都不容易遗失。在FF下的状况很成心思:在本网页页面写入的值在本网页页面能够浏览,在由本网页页面所开启的其它网页页面能够浏览。可是即使本网页页面开着,在导航栏栏里键入详细地址,开启本网页页面,存入的值就不可以浏览了。在本网页页面存入的值,在它的父网页页面(开启这个网页页面的网页页面)是浏览不到的。又看了看Html5规范。sessionStorage 的全名是:Client-side session and persistent storage of name/value pairs 意思估算是储存在Client的內容是有session 对话的,储存的值由session对话所维系,1旦session对话终断或遗失,存入的值也就随之消退了。因此当网页页面沒有session(父网页页面,由详细地址栏开启的网页页面),是取不到值的。当FF关掉或重新启动设备必定也就取不到值了。


webSqlDatabase
webSqlDatabase在HTML5 规范中是是非非常Cool的1个东东, 用Javascript写SQL查寻,数据信息库就在访问器里,这在之前基本上害怕想像。但是今日Safari, Chrome, Opera 都早已适用了,两个webSqlDatabase 的 Demo 网页页面: http://html5demos.com/database http://html5demos.com/database-rollback
W3C 对WEBSQLDATABASE 的详细介绍网页页面: http://dev.w3.org/html5/webdatabase/
WiKi上1个简要的表明: http://en.wikipedia.org/wiki/Web_SQL_Database

From W3C: "...an API for storing data in databases that can be queried using a variant of SQL"
Web SQL Database is supported by Google Chrome[1], Opera and Safari but will not be implemented by Mozilla(Firefox)[2] who instead propone Indexed Database API access.

不知道道 HTML 5 的 SQLDB 会被访问器适用的如何, 但是sessionStorage看上去早已能够基础考虑要求了。