HTTP cookie

Updated: Wikipedia source

An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small block of data created by a web server while a user is browsing a website and placed on the user's computer or other device by the user's web browser. Cookies are placed on the device used to access a website, and more than one cookie may be placed on a user's device during a session.

Cookies serve useful and sometimes essential functions on the web. They enable web servers to store stateful information (such as items added in the shopping cart in an online store) on the user's device or to track the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to save information that the user previously entered into form fields, such as names, addresses, passwords, and payment card numbers for subsequent use.

Authentication cookies are commonly used by web servers to authenticate that a user is logged in, and with which account they are logged in. Without the cookie, users would need to authenticate themselves by logging in on each page containing sensitive information that they wish to access. The security of an authentication cookie generally depends on the security of the issuing website and the user's web browser, and on whether the cookie data is encrypted. Security vulnerabilities may allow a cookie's data to be read by an attacker, used to gain access to user data, or used to gain access (with the user's credentials) to the website to which the cookie belongs (see cross-site scripting and cross-site request forgery for examples).

Tracking cookies, and especially third-party tracking cookies, are commonly used as ways to compile long-term records of individuals' browsing histories — a potential privacy concern that prompted European and U.S. lawmakers to take action in 2011. European law requires that all websites targeting European Union member states gain "informed consent" from users before storing non-essential cookies on their device.
