cookie or an HTTP cookie can be defined as a message used by an origin website to send the information about the state to the browser of the user and by the browser to send the information about its state to the origin site.
An HTTP cookie is known by many names such as web cookie, browser cookie etc.
The information of the state that is sent across the origin site and the user’s browser is used for the purpose of:
- Identification of the session of an user
- Preferences of the user and
- Contents of the shopping cart
In other word HTTP cookies are used for any purpose that can be accomplished using the process storing text data on the computer of the user.
Characteristics and Uses of Cookie
- The main characteristic of Cookies is that they cannot be programmed and thus, cannot carry any kind of viruses or worms.
- Any malware cannot be installed on the host system with the use of a cookie. So they are safe to this extent.
- However, cookies can be effectively used by a spyware to track the browsing activities of the users.
- This is a major privacy concern and has prompted European and US law makers to take action in the past few years.
- Cookies are very easy to steal and are thus often misused by the hackers.
- Hackers steal the cookies and use them to gain access to the web account of the victim.
- Cookies were first used to solve the problem of implementation of the shopping cart.
- Initially the cookies were developed for the Netscape browser.
- They were used to check if the earlier visitors visited the site again.
- Later cookies were developed for internet explorer and other browsers.
- The concept of the cookies was not widely known to the public at that time.
The term “HTTP cookie” came into existence in the year of 1994. It has been derived from “magic cookie”.
What are Magic Cookies?
- Magic cookie was actually a data packet that a program receives and sends again to the program on the other side without altering the contents of the packet.
- Magic cookies were used in computing systems long back and were introduced in web communications by Lou Montulli in June 1994.
The development of a cookie for formal specifications is always in progress. Till date many types of cookies have developed. They have been discussed below:
- This cookie has a lifetime equal to the time period of the user using the website.
- These cookies are automatically deleted after the end of a session.
- These cookies last even after the session has expired.
- If a persistent cookie has its maximum age set to one year, then till the one year is over, the cookie will be sending information to the server every time the website is visited.
- These are also called tracking cookies.
- These cookies are used by the browser if it accessing server through an HTTPS connection.
- This ensures that the cookie is always encrypted during the transmission of the information.
- This prevents cookie theft.
HTTP only cookie:
- This type of cookie is mostly supported by all the modern browsers.
- On a browser which supports HTTP, an HTTP only cookie is used during transmission of HTTP requests.
- It restricts the access from other non HTTP scripts.
Third party cookie:
- The first party cookies are set with the same domain or sub domain in the address bar of the browser.
- But, third party cookies are set with various domains other than the one mentioned in the address bar.
- A cookie with a public suffix domain like .co.uk, .com etc.
- This cookie is automatically recreated after its deletion.