Difference between Session and Cookies



Sessions
A session is used to store user information in server memory. It usually holds values such as the user ID and name; sensitive information is stored in the session, and it maintains its state as you navigate through a website. You can store the session information either in cookies or in cookieless mode.
If cookieless = false, the session value is stored in a cookie; if it is true, it is stored in the browser URL. However, if you copy the URL and paste it into another tab of the same browser, the session will be expired.

You can store the session in three modes:
In-Proc
State server
SQL server

Example
// store a value in the session
Session["UserName"] = "Ganesh Ram";

// read it back on a later request
if (Session["UserName"] != null)
  lblUserName.Text = Session["UserName"].ToString();
 
Cookies
Cookies are stored per user on the user's machine. A cookie is usually just a small piece of information. Cookies are usually used for simple user settings such as colour preferences. No sensitive information should ever be stored in a cookie.
You can never fully trust that a cookie has not been tampered with by a user or an outside source. However, if security is a big concern and you must use cookies, you can either encrypt your cookies or set them to be transmitted only over SSL. A user can clear their cookies at any time, or not allow cookies at all, so you cannot count on them being there just because a user has visited your site in the past.

//add a username Cookie
Response.Cookies["UserName"].Value = "Ganesh Ram";
Response.Cookies["UserName"].Expires = DateTime.Now.AddDays(10);

//request a username cookie
if(Request.Cookies["UserName"] != null)
   lblUserName.Text = Server.HtmlEncode(Request.Cookies["UserName"].Value);
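
The tampering concern above can be handled by signing the cookie value. The following is an added example, not code from the original post: it uses an HMAC signature to detect modification (integrity only, not the encryption the text mentions, so the value stays readable) and sets the Secure and HttpOnly flags. The class and method names are hypothetical, and the key is assumed to be a server-side secret loaded from protected configuration in a System.Web project.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Web;

// Added example; SignedCookie, Issue and TryRead are hypothetical names.
public static class SignedCookie
{
    private static byte[] Mac(byte[] key, byte[] data)
    {
        using (var hmac = new HMACSHA256(key)) return hmac.ComputeHash(data);
    }
    // Cookie value = token(payload) + "." + token(HMAC-SHA256(key, payload)),
    // where token() is URL-safe base64 (no '=', '+' or '/' characters).
    public static HttpCookie Issue(string name, string value, byte[] key)
    {
        byte[] payload = Encoding.UTF8.GetBytes(value);
        var cookie = new HttpCookie(name, HttpServerUtility.UrlTokenEncode(payload)
            + "." + HttpServerUtility.UrlTokenEncode(Mac(key, payload)));
        cookie.Secure = true;     // sent over HTTPS only
        cookie.HttpOnly = true;   // hidden from client-side script
        cookie.Expires = DateTime.Now.AddDays(10);
        return cookie;
    }

    // Returns false when the cookie is missing, malformed or was modified.
    public static bool TryRead(HttpCookie cookie, byte[] key, out string value)
    {
        value = null;
        string[] parts = (cookie == null ? "" : cookie.Value ?? "").Split('.');
        if (parts.Length != 2) return false;
        byte[] payload, sent;
        try
        {
            payload = HttpServerUtility.UrlTokenDecode(parts[0]);
            sent = HttpServerUtility.UrlTokenDecode(parts[1]);
        }
        catch (FormatException) { return false; }
        if (payload == null || sent == null) return false;
        // Constant-time comparison so response timing does not reveal MAC bytes.
        byte[] expected = Mac(key, payload);
        int diff = sent.Length ^ expected.Length;
        for (int i = 0; i < sent.Length && i < expected.Length; i++)
            diff |= sent[i] ^ expected[i];
        if (diff != 0) return false;
        value = Encoding.UTF8.GetString(payload);
        return true;
    }
}
```

A page would add the result of Issue to Response.Cookies and call TryRead on Request.Cookies["UserName"], treating a false return the same as a missing cookie.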
 

