T3L11
Cookies
Introduction
This lesson is designed for you to gain some basic information about Cookies. When you finish this lesson, you should be able to:
- Describe what a Cookie is.
- Describe the purpose of a Cookie and it’s role on the internet today.
- Define the basic elements of a Cookie.
Recently, cookies have become very popular in the news since people have learned they are losing, to a small degree, their anonymity on the web. Cookies were not created to be intrusive. They were a solution created to overcome one of the technical issues with the web known as the ‘stateless’ medium.
As you may recall the Internet is built upon a protocol that is considered ‘stateless.’ This essentially means people surfing the web can visit web sites and move around the Internet without creating any network tie-up or overhead. The client/server model is built upon a protocol that creates constant “chatter” between the client and the server. The server sends a signal to the client, and the client sends a signal back to the server. This chatter tends to cause slowdowns in network throughput as the number of clients increase. But it also offers the ability for a client to exchange data.
On the Internet, we moved about in a stateless protocol void. This makes the exchange of data between a specific users and a database, for example, a little more difficult. Every time you ‘hit’ up a web server it only recognizes you for that brief moment in time. You connect and then disconnect. Cookies allow us to somewhat trick the system that allows the server to recognize you whenever you make a request, even without having to log back into a site again.
It is through this recognition process that cookies play an important role. Sometimes it is a very helpful role, other times it may be viewed as invasive.
Cookies
- What is a cookie?
- How are cookies used on the web today?
- Example of a cookie
- Cookie Activity
- Cookie Summary
Additional Resources
CNET Cookies
[[ link to
Cookie Central
[[ link to
JavaScript Tip of the Week
[[link to
Netscape’s Cookies Documentation
[[link to
What Is A Cookie?
According to an article written by Paul Bonner for Builder.Com [[link to on 11/18/1997:
"Lou Montulli, currently the protocols manager in Netscape's client product division, wrote the cookies specification for Navigator 1.0, the first browser to use the technology. Montulli says there's nothing particularly amusing about the origin of the name: 'A cookie is a well-known computer science term that is used when describing an opaque piece of data held by an intermediary. The term fits the usage precisely; it's just not a well-known term outside of computer science circles.'"
Basically, cookies are a way to store information between visits to a web site. If you log into a web site in the morning, shut your computer down, restart it, then go to that web site again, you may not need to log in a second time. This is because a cookie containing your login information was set when you first visited it.
Technically, it is an HTTP header that maintains parameter information regarding the following variables: path, domain, and lifetime. All these are set by the web site and get passed to the browser’s memory. The information is saved to a text file (the cookie file) when the client visiting the site stays longer than the lifetime variable setting.
These text files are what can be found on your PC’s hard drive in one of two places and accumulate over time. If you are using Netscape Navigator they are stored in the USERS folder within the Netscape directory. Or they are stored in the WINDOWS>COOKIES folder if using Microsoft Internet Explorer.
Information Gathering
Cookies are not active in the sense that they go out and get information. Typically a user visits a web site and fills out information on a form. This info is captured and stored in a cookie file.
Cookies cannot steal information about you. They only store information that you have provided. This is where this topic gets a little more involved. Not only are they providing information you provide via a form, they also can obtain information such as browser type, your IP address, site just visited, and the type of operating system you are running.
Remember though, cookies that were created to provide you with a ‘smarter’ way of viewing Internet content are mostly harmless. They can also be deleted from your hard drive at any time or you can use third party software to manage them.
How Are Cookies Being Used Today?
Personalization is a major feature with most informational and e-commerce sites today. Cookies allow the sites to maintain that feeling of personalization. Most commercial sites today utilize databases to store their content and customer information. When a visitor returns to a site the cookie with that particular site’s information is retrieved. The site uses coded information in the cookie to retrieve the respective database information. For example, your name and shopping preferences may be stored in a cookie for an online shopping site.
Another way cookie is used is in tracking user interests. Doubleclick, a global Internet advertising solutions company, places banners ads on web sites who are members of their network. These banners will display information targeted to visitor’s interests. Their interests are stored in cookies that are retrieved when visiting a Doubleclick site. The site then displays the appropriate banner based upon that visitors interests.
This in no way poses a security risk to your PC or personal information. However, you can turn off this ability. Visit the Doubleclick web site [[link to to learn how.
At the browser level, you can also turn off cookies. By changing these preferences you will be prompted whether or not to accept a cookie every time a web site attempts to pass you one. However, this will quickly becoming a nuisance since a majority of sites now use cookies and the prompts will be continuous.
Examples of Cookies
Cookies can be set on either the client side (browser) or server side. The choice of which language you create it with will determine this. You can use JavaScript, CGI, ASP and even PERL, just to mention a few, to create your cookie.
Most JavaScript-coded cookies take their form from the functions originally created by hIdaho Design’s, Bill Dortch. The example below is a function written in JavaScript that would exist on the client side. It would be accessed when a user visited a web page with this function embedded within it. Note the specific parameters. In particular, notice the “expires” parameter, which if used within a web site such as a online banking site it forces the user to log in again if the parameter is exceeded in order to maintain a level of security.
function SetCookie(name, value,expires,path,domain,secure)
{
document.cookie = name+” = ”+escape(value)+((expires)?;
expires = ”+expires.toGMTString():””)+((path)?”;
path=”+path:””)+((domain = ”+domain:””)+((secure?”;secure”:””);
}
name/value = a string of characters defining the name of the cookie
expires = is a date value that defines the life of the cookie
path = the path attribute of a valid cookie
domain = the domain name attribute of a valid cookie (i.e. .com, .edu , etc)
secure = only transmits the cookie info the communication link is a secure one
Go to Cookie Central’s Demo Pages [[link to to see additional types of cookies in action.
Cookie Summary
This lesson is designed for you to gain some basic information about Cookies When you are finished with the lesson, you should be able to do the following:
- Describe what a Cookie is.
- Describe the purpose of a Cookie and it’s role on the internet today.
- Define the basic elements of a Cookie.
A short summary of these topics are listed below. If you do not understand these things, you should review the lesson at least once. If you are still having difficulty, you should consider other sources of information that compliment this lesson, such as textbooks, tutors, and instructors.
The Cookie
It is an HTTP header that maintains parameter information regarding the following variables: path, domain, and lifetime. All these are set by the web site and get passed to the browser’s memory. The information is saved to a text file when the client visiting the site stays longer than the lifetime variable setting.
Creating Cookies
Today there are many ways to create client and server side cookies. JavaScript, VBScript, and CGI are some of the most popular but the list is growing. See example by going back to here Example of a Cookie and visiting the demo page link.
1