Top 3 Products & Services


Dated: Aug. 13, 2004

Related Categories

Computer Beginners Guides
Network Security

By Najmi

A Cookie is a mechanism that allows a web site to record your comings and goings, usually without your knowledge.

A Cookie is a message given to a Web browser by a Web server. The browser stores the message in a text file. The message is then sent back to the server each time the browser requests a page from the server.

The main purpose of cookies is to identify users and possibly prepare customized Web pages for them. When you enter a Web site using cookies, you may be asked to fill out a form providing such information as your name and interests. This information is packaged into a cookie and sent to your Web browser which stores it for later use. The next time you go to the same Web site, your browser will send the cookie to the Web server. The server can use this information to present you with custom Web pages. So, for example, instead of seeing just a generic welcome page you might see a welcome page with your name on it.

The name cookie derives from UNIX objects called magic cookies. These are tokens that are attached to a user or program and change depending on the areas entered by the user or program.

According to Netscape Cookies is a general mechanism which server side connections (such as CGI scripts) can use to both store and retrieve information on the client side of the connection. The addition of a simple, persistent, client-side state significantly extends the capabilities of Web-based client/server applications.

You may have noticed that Web sites are getting smarter by the day. They seem to know more and more about you each time you visit. For instance, you may bookmark a popular site such as the and find that the computer on the other end knows not only that you've been there before, but exactly when you last visited, and what you were looking at the last time you clicked by.

Sites with "shopping carts" are a good example of cookies. You browse a series of Web pages for items to buy, and when you find something you want, you "add it" to your shopping cart by clicking a button on the page. Later, you can view these items all together.

HTTP cookies:

The HTTP cookie is an attempt to make regular HTTP a little smarter by including more information inside the HTTP header. By adding a "Set Cookie: ...." line to the HTTP header, the server can deliver cookie information to your browser. Your Web browser then saves this information and sends it back to the server the next time you visit the same site. Through this system, a kind of "persistent state" can be maintained, even though there's no ongoing communication between your browser and the cookie-setting server.

This opens up some possibilities that Webmasters will make use of. For instance, if a site is looking to track the number unique visitors over a period of time, the Webmaster will write a script that plants a cookie during the first visit. At subsequent visits, the script will see that the cookie is already there and will do nothing. This is a very simple example. Aclever coder can use cookies to track user behavior over a period of time or to maintain a shopping cart.

Internet cookies

How to Read Your Cookie File:

Cookies can be stored in a couple of different places. In Netscape, there's a file named cookies.txt which contains all the cookies on your system. Internet Explorer maintains a folder named (predictably enough) "cookies." This is where you'll find all the information stored by the cookies you receive. You should never have to purge this file or touch it in any way -really. Your browser knows when it has more cookies than it can handle, and will silently begin to delete the older ones when the time comes.

But if you're the curious type, you may want to go poking through the cookie file anyhow, just to see what kinds of cookies you're receiving and why. In that case, a cursory knowledge of cookie properties will help you decode your cookie file.

A cookie is always associated with a specific domain.

Some cookies have expiration dates. When a cookie expires, your browser will simply erase it from your hard drive. Depending on where it came from, a cookie may expire tomorrow, next week, or the year 2002. Cookies with an expiration date are generally known as "persistent cookies" meaning they stick around for a while. A cookie that doesn't contain an expiration date will only last as long as your browser stays open. These are called "session cookies" When you close your browser, all session cookies silentlydisappear.

Cookies collect information as a user travels around the Web and feeds the information back to a Web server. A Web site sends a cookie to the user's computer, where it serves as a digital tag that notifies the site each time the user enters. The information can be used, for example, to automatically supply a password for a subscription-only site or to collect information about an online shopper's preferences so that electronic marketers can target their offerings to that individual.

Do Cookies Compromise Security?

Cookies are messages that a Web server transmits to a Web browser so that the Web server can keep track of the user's activity on a specific Web site. The message that the Web server conveys to the browser is in the form of an HTTP header that consists of a text-only string. The text is entered into the memory of the browser. The browser in turn stores the cookie information on the hard drive so when the browser is closed and reopened at a later date the cookie information is still available.

Web sites use cookies for several different reasons:

To collect demographic information about who is visiting the Web site. Sites often use this information to track how often visitors come to the site and how long they remain on the site.

To personalize the user's experience on the Web site. Cookies can help store personal information about you so that when you return to the site you have a more personalized experience. If you have ever returned to a site and have seen your name mysteriously appear on the screen, it is because on a previous visit you gave your name to the site and it was stored in a cookie so that when you returned you would be greeted with a personal message. A good example of this is the way some online shopping sites will make recommendations to you based on previous purchases. The server keeps track of what you purchase and what items you search for and stores that information in cookies.

To monitor advertisements. Web sites will often use cookies to keep track of what ads it lets you see and how often you see ads.

Cookies do not act maliciously on computer systems. They are merely text files that can be deleted at any time - they are not plug ins nor are they programs.

Cookies cannot be used to spread viruses and they cannot access your hard drive. This does not mean that cookies are not relevant to a user's privacy and anonymity on the Internet. Cookies cannot read your hard drive to find out information about You; however, any personal information that you give to a Web site, including Credit card information will most likely be stored in a cookie unless you have turned off the cookie feature in your browser. In only this way are cookies a threat to privacy. The cookie will only contain information that you freely provide to a Web site.

Cookies have six parameters that can be passed to them:

  • The name of the cookie.

  • The value of the cookie.

  • The expiration date of the cookie - this determines how long the cookie will remain active in your browser.

  • The path the cookie is valid for - this sets the URL path the cookie us valid in. Web pages outside of that path cannot use the cookie. The domain the cookie is valid for - this takes the path parameter one step further. This makes the cookie accessible to pages on any of the servers when a site uses multiple servers in a domain.

  • The need for a secure connection - this indicates that the cookie can only be used under a secure server condition, such as a site using SSL.

How to reject Cookies:

Both Netscape and Microsoft Internet Explorer (IE) can be set to reject cookies if the user prefers to use the Internet without enabling cookies to be stored.

In Netscape, follow the Edit/Preferences/Advanced menu and in IE, follow the Tools/Internet Options/Security menu to set cookie preferences.

Now that you've gotten free know-how on this topic, try to grow your skills even faster with online video training. Then finally, put these skills to the test and make a name for yourself by offering these skills to others by becoming a freelancer. There are literally 2000+ new projects that are posted every single freakin' day, no lie!

Previous Article

Next Article