Protocol: used to request and return data
Request/response protocol
Evolution
HTTP 1.0: simple
HTTP 1.1: more complex
Cookies, in a nutshell, are an application-based solution that provides state retention over a stateless protocol.
Browser → Server: POST login.cgi (username and pwd)
Server → Browser: HTTP header: Set-Cookie: NAME=VALUE ; domain = (who can read) ; expires = (when expires) ; secure = (only over SSL)
If expires = NULL, this session only
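The Set-Cookie attributes from the exchange above (domain, expires, secure), worked through as an added Python example that is not part of the original slides. It parses one header value and decides whether a browser would attach the cookie to a later request. The header value, host names and function names are constructed for illustration, and all other cookie attributes are ignored.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from urllib.parse import urlsplit

# Constructed sample values (not from the slides).
SAMPLE = "SID=abc123; Domain=example.com; Expires=Wed, 09 Jun 2027 10:18:14 GMT; Secure"
NOW = datetime(2026, 1, 1, tzinfo=timezone.utc)


def parse_set_cookie(header_value, origin_host):
    """Parse one Set-Cookie value; origin_host is the host that sent it."""
    first, *rest = [p.strip() for p in header_value.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    expires = attrs.get("expires")
    return {
        "name": name.strip(),
        "value": value.strip(),
        # No domain attribute: only the host that set the cookie gets it back.
        "host_only": "domain" not in attrs,
        "domain": (attrs.get("domain", "").lstrip(".") or origin_host).lower(),
        # No expires attribute: session cookie, gone when the browser quits.
        "expires": parsedate_to_datetime(expires) if expires else None,
        "secure": "secure" in attrs,
    }


def would_send(cookie, url, now):
    """Return True if a browser would attach the cookie to a request for url."""
    target = urlsplit(url)
    host = (target.hostname or "").lower()
    domain = cookie["domain"]
    if host != domain and (cookie["host_only"] or not host.endswith("." + domain)):
        return False  # domain = who can read
    if cookie["secure"] and target.scheme != "https":
        return False  # secure = only over SSL
    if cookie["expires"] is not None and now >= cookie["expires"]:
        return False  # expires = when it expires
    return True


if __name__ == "__main__":
    jar = parse_set_cookie(SAMPLE, "login.example.com")
    for url in ("https://shop.example.com/", "http://shop.example.com/", "https://example.org/"):
        print(url, would_send(jar, url, NOW))
```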
Personalization
Recognize the user from a previous visit
Tracking
Follow the user from site to site; learn his/her browsing behavior, preferences, and so on
Cookie Management
Cookie ownership
Once a cookie is saved on your computer, only the website that created the cookie can read it
If a cookie is secure, the browser will only send it over HTTPS, but anyone can write a secure cookie!
Variations
Temporary cookies: stored until you quit your browser
Persistent cookies: remain until deleted or