from i have read this line. that http address doesn't maintain the state. can some one please explain it.
thanks in advance

the link from where i read this is

Let's say that state information means information that can be changed to represent something. It could be the fact that you are authorized to view a certain web page or it could be the fact that your user name is XYZ... or it could be the fact that you are at step #3 of a 5 step process in some menu system. Placing this info in a web address is often undesirable since a web browser can be used to go to any web address at any time. If the state is determined by the web address then clients can easily get into the wrong state or undesired states. Imagine if a certain web address had state info in it that said you're authorized to view your personal bank statement and it shows your banking info.... then that web address is simply guessed by a random person and they now have access to your bank account.

It's tempting to put state info in web addresses but usually it's a bad idea.

Member Avatar

This is why we use sessions and cookies.