Cookie
它是标准的客户端浏览器状态保存方式,可能在浏览器诞生不久就有Cookie了,为什么需要Cookie 这个东东?由于HTTP协议没有状态,所以需要一个标志/存储来记录客户浏览器当前的状态,保证客户浏览器和服务器通讯时可以知道客户浏览器当前的状态。Cookie就是记录这个状态的容器,Cookie在每次请求的时候都被带回到服务器,从而保证了Server可以知道浏览器当前的状态,由于Cookie会被带回到Server,所以Cookie的内容不能存太多,最多不能超过4K,4K 限制的介绍 http://ec.europa.eu/ipg/standards/cookies/index_en.htm
其中一段内容为:
A browser is only required to store up to 300 cookies overall and maintain only the last 20 from each domain. The maximum size of a cookie is 4K of disk space.
但是在一些场景下可能需要存储超过4K或者更多的数据,但是这些数据不用在每次请求的时候被带回到服务器,只要能在客户的浏览器上保存住,并且可以方便的被Javascript读写就可以了,这种需求尤为在中大型RIA的应用场景下更加的迫切,部分数据放在客户浏览器,节约带宽,提高浏览速度。HTML5标准已经替我们想到了满足这种需求的方案:sessionStorage , webSqlDatabase, 微软的IE 有 userData 方案。
userData
微软对USERDATA的介绍: http://msdn2.microsoft.com/en-us/library/ms531424(VS.85).aspx
其中一段内容为:
Security Alert:For security reasons, a UserData store is available only in the same directory and with the same protocol used to persist the store.
Security Alert:Using this behavior incorrectly can compromise the security of your application. Data in a UserData store is not encrypted and therefore not secure. Any application that has access to the drive where UserData is saved has access to the data. Therefore, it is recommended that you not persist sensitive data like credit card numbers. For more information, see Security Considerations: DHTML and Default Behaviors.
……
The userData behavior persists data across sessions, using one UserData store for each object. The UserData store is persisted in the cache using the save and load methods. Once the UserData store has been saved, it can be reloaded even if Microsoft Internet Explorer has been closed and reopened.
Setting the userData behavior class on the html, head, title, or style object causes an error when the save or load method is called.
userData可以在同目录同协议下相互访问,长期存储在客户机器上。最大存储空间也增大了很多。userData需要绑定到一个Dom元素上使用。在userData的method中有removeAttribute方法。经过测试代码发现removeAttribute方法好像不是很管用,需要使用像cookie过期的方式,才可以彻底的删除一个userData Attribute。
在 http://www.itwen.com/04web/11skill/skill20060918/60588.html 中介绍说userData存储在X:/Documents and Settings/当前用户/UserData/ 目录下。具体细节MS在userData说明文档中没有具体说明。
sessionStorage
HTML5 标准对 sessionStorage的介绍: http://www.whatwg.org/specs/web-apps/current-work/
其中对 sessionStorage 的介绍:
This specification introduces two related mechanisms, similar to HTTP session cookies [RFC2965], for storing structured data on the client side.
The first is designed for scenarios where the user is carrying out a single transaction, but could be carrying out multiple transactions in different windows at the same time.
Cookies dont really handle this case well. For example, a user could be buying plane tickets in two different windows, using the same site. If the site used cookies to keep track of which ticket the user was buying, then as the user clicked from page to page in both windows, the ticket currently being purchased would "leak" from one window to the other, potentially causing the user to buy two tickets for the same flight without really noticing.
To address this, this specification introduces the sessionStorage DOM attribute. Sites can add data to the session storage, and it will be accessible to any page from that origin opened in that window.
Html5 sessionStorage Demo: http://html5demos.com/storage
下面是根据 http://www.blogjava.net/emu/archive/2006/10/04/73385.html 中提到的IE FF 兼容userData的测试代码:
新闻热点
疑难解答
