Android: Understand Cookie and Session in Android’s Context
I was re-reading the book Computer Networking back from Master time, and this diagram shows pretty much a very good idea of how cookie works in the client-server interaction. The header “Set-cookie” in HTTP response msg and header “cookie” in HTTP request msg are the key for server to identify users.
There’re some notes to remember regarding cookie and session from the book:
- HTTP server is stateless.
- Cookies allow sites to keep track of users.
- Cookies can thus be used to create a user session layer on top of stateless HTTP.
Android’s HttpURLConnection includes an extensible cookie manager that helps to establish and maintain a long-lived session between client (Android) and server.
Some take aways:
- Enable VM-wide cookie management:
- CookieStore can be used for cookie persistence. (CookieManager only keeps cookies in memory)
If you’re using Android’s WebView, it should automatically handles the cookies for you already, just like the Chrome browser you use on desktop, since Android’s WebView actually is already a Chrome implementation!