There is a game http://nebo.mobi. After logging in, you do not need to re-enter your nickname and password, since the browser stores them in memory and somehow the game takes it. So, what should I do with the application? After sending the login data (Jsoup, POST), the server sends the html home page /home . But further, if I go, for example, to a page accessible only to the player who entered, what will happen? After all, you need to send something else, right?

Accidentally not cookies? Then where to get them?

  • available only to the player who entered, what will happen? - 403 Forbidden or 401 Unauthorized by the idea Randomly not cookies - they are the most - MihailPw
  • @ AGS17, I don’t even know anything about it, but somehow from somewhere in my memory there was a cookie) - Flippy
  • @ AGS17, look - I’ll have an input every time I start (the user doesn’t know about it) get a cookie and where is it going? How to transfer them figured out but where to store while using the program? - Flippy
  • What does it mean to store? They are stored in the browser and are transmitted to the server when requested. You do not need to save any files, etc., if you are talking about this - MihailPw
  • @ AGS17, but I don’t have a browser but an application .. It seems I don’t understand something - Flippy

1 answer 1

But further, if I go, for example, to a page accessible only to the player who entered, what will happen? After all, you need to send something else, right?

Visual links (referring to pages that are not accessed) should not be at all. If directly referenced, a page with status codes 403 Forbidden or 401 Unauthorized should be returned. Personally, I would return to an unauthorized user 401 , and to an authorized, but not having the appropriate access level, 403 errors.

Accidentally not cookies? Then where to get them?

It is they. Read on wikipedia what it is.

They can be set both on the server and on the client. With each request, they are thrown between the client server.

A good tool for viewing cookies (either session / local storage) - Chrome Dev tools ( F12 button)

We crawl into Application > Cookies > domain:

enter image description here

  • Well, let's say I got cookies after logging in, right? And with all the following game requests they need to be sent, right? Between the entrance and some actions in the game there will be a division into activity (android application) - it means you need to store cookies ..... - Flippy