• Please stop using JWT for session management now


    introduction Recently, it has been found that many WEB application systems use JWT for session management. The reason is to avoid server-side storage of sessions, or to pursue independent control. I don’t know that using JWT for session management has huge security risks! HTTP session management Let me talk about the HTTP protocol first. As […]

  • Browser Principles – Browser Cache and Local Storage


    Hello everyone, I am Lin Yiyi. This is an article about the principle of browser caching and local storage. In the future, we will continue to release articles about the principle of browsers. 1. Browser cache mind Mapping The so-called browser cache is the browser throughHTTPThe act of leaving a resource locally after requesting a […]

  • [cookie]Cookie attributes and how to operate cookies


    cookie Stored locally on the user (hard disk). up to 4KB In order for the server to identify the user (distinguish the unique link), when the user visits the page for the first time, the client sends a request to the server, and when the server returns the request, it will bring the Set-Cookie field […]

  • small browser cookies


    Reference article:Browser Family Cookies and SameSite Attributes Introduction to Cookies Why do cookies appear? HTTP is a stateless protocol (HTTP here refers to HTTP 1.x), each of its requests is completely independent, each request contains the complete data required to process the request, and sending the request does not involve status change. A simple understanding […]

  • Go daily library of gorilla/securecookie


    Introduction A cookie is a mechanism for transferring small amounts of data between a web client (typically a browser) and a server. Generated by the server, sent to the client for storage, and each subsequent request of the client will bring the cookie. Cookies are more or less misused these days. Many companies use cookies […]

  • Go daily library of gorilla/sessions


    Introduction previous article“Go Daily Library of securecookie”, we introduced cookies. At the same time, it is mentioned that cookies have two disadvantages. One is that the data should not be too large, and the other is security issues. Session is a server-side storage solution that can store a large amount of data and does not […]

  • Front-end authentication: cookie, session, token, jwt, single sign-on


    In this article you will see: HTTP-based front-end authentication backgroundWhy is cookie the most convenient storage solution, and what are the ways to operate cookieHow is the session scheme implemented and what problems existHow is the token scheme implemented, how to encode and tamper-proof? What does jwt do? Implementation and significance of refresh tokenWhat are […]

  • How to request an interface that requires login to access (based on cookie)——apipost


    When developing and debugging interfaces in the background, you often encounter interfaces that require login to request. For example: to obtain the favorite list of the logged-in user, at this time, we need to simulate the login state for interface debugging. As shown in the picture: Today, we will explain how to use the environment […]

  • How to obtain cookies with one click during interface testing, and refer to them in other interfaces?


    When performing interface testing, it is often necessary to obtain the cookie returned by login and carry it to other interfaces. How to obtain the cookie with one click and reference it in other interfaces? We can use the cookie manager function of apipost Significance of the cookie manager The main function of the COOKIE […]

  • One npm package js-cookie per day


    hello, everyone, my name isFront-end senior Joshua (public account)。 Enthusiastic about doing open source and writing articles.The purpose is to help college students and young partners who have just entered the workplace to build their own front-end learning system as soon as possible.if you havelearning confusion, welcome to follow me,Contact me, I will reply you […]

  • The tool library has been used for a long time, will you still operate cookies natively?


    If used well, tool libraries and frameworks are indeed a great help, but we are afraid that we will get used to taking shortcuts and forget what our fundamental reliance is. foreword The rapid development of front-end technology inevitably brings a sense of “fatigue” to practitioners, and we often lament that we can’t learn anymore. […]

  • How to pass cookie and session authentication (nodejs/koa)


    HTTP is a stateless protocol, and each request is independent. Even if the same page sends multiple requests to the server, the server cannot distinguish whether it is the same user, so at this time, cookies can be used for identity authentication. When the user logs in successfully, the server sets a cookie for the […]