O'Reilly logo

Web Security and Commerce by Gene Spafford, Simson Garfinkel

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Cookies

Netscape introduced the “cookies” specification with Navigator Version 2.0. The original purpose of cookies was to make it possible for a web server to track a client through multiple HTTP requests. This sort of tracking is needed for web-based applications. For example, an online catalog might store a session ID in a cookie so that the web server can keep track of what items are in a customer’s “shopping cart.”

A cookie is a block of ASCII text that a web server can pass into a user’s instance of Netscape Navigator (and many other web browsers). Once received, the web browser sends the cookie every time a new document is requested from the web server.

Cookies are kept in the web browser’s memory. If a cookie is persistent, the cookie is also saved by the web browser. Persistent cookies can be used to store a user’s preferences for things like screen color, so that the user does not need to re-register preferences each time he or she returns to a web site.

Netscape browsers store cookies in the file called cookies.txt, which can be found in the user’s preference directory. Internet Explorer saves cookies in the directory C:\Windows\Cookies on Windows systems.

Netscape’s cookies can be used to remove anonymity on the web or to enhance it. Unfortunately, the choice is not in the hands of the web user: it is under the control of the web server. Furthermore, it can be difficult for users to tell to what purpose cookies are being used.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required