7.1 Keep-Alive header

And a few more useful titles. The Keep-Alive header tells the server to keep the connection open: the server will not close the connection immediately after sending the response. This will cause the next request from the same client to the server to be completed faster.

An example of such a header:

Connection: Keep-Alive

But if all clients require a permanent connection, then problems will begin at the server. The server will either be unavailable or start closing connections on its own.

7.2 Cache-Control header

The Cache-Control header can be used to control content caching. Properly configured caching speeds up work with content, crookedly configured caching creates problems out of the blue.

To disable caching, you need to write the following header:

Cache-Control: no-cache, no-store, must-revalidate

Nothing should be stored in the cache - neither from client requests, nor from server responses. The request is always sent to the server, the response is always downloaded completely.

You can also enable the most primitive and reliable type of caching :

Cache-Control: no-cache

Before giving out a copy, the cache queries the origin server to see if the resource is up to date.

You can specify the resource cache time in seconds . The heading will look like this:

Cache-Control: max-age=31536000

This header specifies the maximum cache time for content.

You can read more about caching here.

7.3 Cookies

The server can store data on the client side . Such data is called a cookie . However, the client can also store the cookie. They are very helpful to both parties.

For example, you go to the site, and you are already authorized on it. That is, when you logged into it last time, the server ordered the browser to store information about the successful login of a certain user.

Here's what the Cookie looks like in a request:

Cookie: name=value;name2=value2;nameN=valueN00

Cookies are usually stored by the browser and they are tied to a specific domain . When you visit the same domain again, cookies are automatically added to the http request and http response. The server/domain cannot receive cookies that are stored in the browser by another server/domain.

Each cookie has 4 main parameters:

  • Name;
  • meaning;
  • validity period (how long to store them);
  • the domain to which the cookie is bound.

Cookies are stored and transmitted in text form, so both name and value are strings. If the cookie expiration time is not specified, then they are destroyed after the browser is closed.

7.4 session

After the user has logged in to the site, they say that a session has been established between the site and the server.

The server creates a special object in itself - HttpSession,where it stores all the necessary information to work with an authorized client. And the unique number of this object is stored in the browser in the form of a Cookie.

Java web servers usually use a name JSESSIONIDto store the session ID. It looks something like this:


On the server side, you can set the lifetime of the session, as well as whether it will be automatically closed when the browser is closed.