HTTP - Cookie


1 - About

A cookie is a small text file with information. It is sent by a website's server to be stored on the user's web-enabled device (generally a browser) and is returned unchanged by that device to the server on subsequent interactions.

The cookie enables the website application to associate data with that device and distinguish requests from different devices.

Cookies often store behavioral information.

Every time the user loads a page of a website, the browser sends the cookie back to the server.

The HTTP Cookie and Set-Cookie header fields can be used by HTTP servers to store state (called cookies) at HTTP user agents, letting the servers maintain a stateful session over the mostly stateless HTTP protocol.

Cookies are the preferred way for servers to track sessions. The server supplies a piece of data, called a cookie, in response to a request. The server expects the client to send that piece of data in a header field with each following request of the same session. The cookie is different for each session, so the server can identify to which session a request belongs by looking at the cookie. If the cookie is missing from a request, the server cannot tell which session the request belongs to and will not respond as expected.


3 - Management

3.1 - Software

3.2 - Security

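When you tag a cookie with the HttpOnly flag, it tells the browser that this particular cookie should only be accessed by the server: the browser still sends it with HTTP requests but does not expose it to client-side scripts (for example through document.cookie).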


Set-Cookie: user=t=bfabf0b1c1133a822; path=/; HttpOnly

3.3 - Set / Get

3.4 - Chrome

4 - Documentation / Reference

web/http/cookie.txt · Last modified: 2019/04/26 17:35 by gerardnico