Cookie Operating Principle

In fact, you can use fsockopen to simulate a browser. Apache is also a socket program! Cookie and other information can be forged.

 

Cookies
Cookies are programs that place websites on your hard disk. They reside on your computer to collect information about everything you do on the Internet, and the Web site can read all the information collected by cookies at any time.
In news, this definition is fair. The problem is that none of this definition is correct. Cookies are not programs, and they cannot do many things like programs, therefore, they cannot collect any information themselves, nor collect any information related to your machine.

Here is a more appropriate definition of cookies:

A cookie is a piece of text stored by the Web server on the user's hard disk. Cookies allow a wen site to store some text information on the user's machine and can be retrieved later. This text-based Information stores some "key-value" pairs.

For example, a web site creates a unique ID number for each visitor and stores the number in cookies of each visitor's machine.

If you use Microsoft's IE to browse a web, you can see all the cookies on your machine on your hard disk. Usually they reside in the directory c: /Windows/cookies (Win98), or C:/Documents and Settings/user name/cookies (Win2000, Win XP). When I look at this directory of my machine, I have found 165 files. Each is a text file that contains a "key-value" pair, and each site has a cookie file.

You can see that every file in this directory is a simple, common text file, you can see which web site has stored cookies on your machine through the file name. You can open each file and view its content.

For example, if I have already visited the website goto.com, the website will place a cookie on my machine. The cookie file named goto.com contains the following information:
Userid www.goto.com/site goto.com has placed a single "key-value" pair on my machine. The key name is userid and the key value is a9a3bece0563982d. I visited the goto.com site for the first time, the site assigned a unique ID to me and saved it to my machine.

Most websites only store one user ID cookie on your machine, but this is not a limit. A website can store many "key-value" pairs on your machine, as long as it like.

Cookies only contain the text of these simple "key-value" pairs. They are not programs, so they cannot "do" anything, A web site can only obtain information stored on your hard disk again. It cannot obtain information from other cookies or see anything else on your machine.

How to move cookies

As you can see in the previous sections, cookie data is the text of the "key-value" pair placed on your hard disk on a simple web site. This applies to all cookies. The web site can save the data and then fetch it back. A web site can only retrieve the data stored on your machine and cannot see other cookies, you cannot see anything else on your machine.

The cookie data is moved as follows:

1. If you enter a web URL in your browser, the browser will send a request like the web site of the URL. For example, if you enter URL: http: // www.verizon.com in your browser, the browser sends the request to Verizon's Web server to request its homepage.
2. When a browser sends a request, it will view the cookie file related to the domain name www.verizon.com on your machine. If there is a cookie related to www.verizon.com, the browser sends the related cookie "key-value" to the server together with the request. If there is no cookie related to www.verizon.com, the browser does not send the cookie to the server.
3. Verizon's Web server receives cookie data and an HTTP request for a page. If it receives a cookie "key-value" pair, Verizon's web server will be able to use them.
4. If you do not receive the cookie "key-value" pair, Verizon's web server will know that you have never accessed this site before. The server will create a new user ID, when sending the page you requested back to your browser, send the "key-value" pair of the user ID to your machine, your hard disk will host the "key-value" pair cookie corresponding to the site.
5. The Web server can change the "key-value" pair or add a new "key-value" pair whenever you visit the site.
6. Some other information related to the key-value pair sent to the client, one of which is the cookie validity period, the other is the path (in order to associate different cookies in different parts of the same site ).

You can control this process by setting in your browser whether to accept or reject the cookie sent by the web site to your machine.

How do websites use cookies?

Cookies are developed because they solve the problem of who is visiting a site. In a broad sense, cookies allow a site to store status information on your machine, this information reminds the web site of the status of your browser. A simple "key-value" pair of userid can let the web site know that you have visited this site before, the status is "your browser has visited this site at least once", and the site can know your user ID from this visit.

Websites use cookies in a number of different ways. The following are some examples:

1. The site can precisely know how many visitors are actually accessing the site. It can eliminate the interference caused by proxy servers, buffers, Concentrator, and so on, the only way to correctly count the number of website tokens is to set a unique ID for each visitor, which is contained in a cookie. The site can:
2. Determines how many visitors arrive.
3. Determine the number of new visitors and the number of new visitors.
4. Determine the frequency of access by a visitor

The web site needs to do this by using a database. When a visitor arrives for the first time, the site creates a new user ID in the database and sends the user ID as a cookie to the client, the next time the user visits the site, the site will increase the number of visits to the user ID record associated with the user in the database, so the user knows how often the visit will take.

To view the differences between each user, the site can store USER Parameters. For example, some sites provide the ability to change content, layout, and color settings, it can also provide customized weather information based on your zip code.

Most sites seem to store USER Parameters in site databases like this. In cookies, there is no information except for storing a user ID, however, there is another way to store an actual value in a key-Value Pair:

E-commerce sites can implement functions similar to shopping blue and fast payment. They use cookies containing user IDs to track customers and store different products into your shopping blue, every item you put into the shopping blue will be stored in the database with records related to your user ID. When you make a payment, the site will know which items you have purchased. Without cookies or similar technologies, the above functions cannot be implemented.

In all these examples, note that databases are used to store the products you choose on the site, the pages you browsed, and the information you provide in the form, all information is stored in the database of the site. Only your user ID is stored in the cookie of the client to identify the user.

Cookies



Cookies are not an ideal state machine, but they can do things that cannot be done in many other ways. The following are some disadvantages of cookies:

1. People often use one machine together-any machine used in public, and many machines used in the office or at home are shared by multiple people. Let's see that you are using a machine that is used by many people (for example, a machine in the library) to buy goods in an online store, the website of the store will leave some of your settings on this machine, and then someone else will use this machine to buy goods in this online store, this website will provide some of your settings.
2. Cookies are deleted-If your browser asks for technical support for problems, the first thing the technical supporter wants you to do is to ask you to first delete all Temporary Internet Files on your machine. When you do this, you will lose all your cookies. When you access a site again, the site will think you are a new user and give you a new user ID, some personal settings you set on this site will not exist.
3. Multiple machines-people often use more than one machine in a day. For example, they use one machine in the office and one machine at home, and may use a laptop on the road. In this way, three inaccessible cookies will be used on the three machines, and the same person will be treated separately as three users on the three machines.