Cookies and their use (i)

Source: Internet
Author: User
Tags header domain
Cookie Cookie Technology is a very controversial technology, since its inception it has become a vast number of network users and web developers a controversial focus. Some network users, even some senior web experts, are also dissatisfied with its generation and promotion, not because the cookie technology is too weak or for other technical performance reasons, but simply because they feel that the use of cookies poses a threat to the privacy of Internet users. Because cookies are small text files that are saved by the Web server in the user's browser, they contain information about the user, such as the identity number, password, how the user shopped on the Web site, or how many times the user visited the site.

so what about cookie technology? Does it really bring personal privacy to the Internet users? Let us look at the following content, and then answer it.

(1) Cookie Technology Introduction

in the history of Web technology, the advent of cookie technology is a major change. Netscape first introduced cookie technology into its Netscape Navigator browser, and since then the World Wide Web Association has been supporting cookie standards. Later, after Microsoft's big promotion (because Microsoft's IIS Web server uses the ASP technology to a large extent using cookier technology), that is, in Microsoft's Internet Explorer browser fully support cookie technology. Up to now, the vast majority of browsers support cookie technology, or at least compatible with the use of cookie technology.

1 What is a cookie?

as defined in the Netscape official documentation, cookies are a way for servers or scripts to maintain information on client workstations under the HTTP protocol. A cookie is a small Guangxi file saved in a user's browser by a Web server that can contain information about the user (such as the identification number, password, how users shop on the Web site, or how many times the user accesses the site). The Web site can access cookie information whenever the user is linked to the server.

In layman's terms, browsers support cookies with one or more qualified files. These files are called Cookie files on machines that use Windows operating systems, and are called Magic Cookie files on Macintosh machines that are used by Web sites to store Cookie data on them. Web sites can insert information into these cookie files, which has some side effects for some network users. Some users believe that this has caused a violation of privacy, and worse, some people think that cookies are an encroachment on personal space, but also to the user's computer security hazards.

Some cookies are temporary and others are ongoing. A temporary cookie saves a specified amount of time on the browser, and the cookie is purged by the system once the specified amount of time is exceeded. In PHP, for example, cookies are used to track user processes until the user leaves the site. The persistent cookie is saved in the user's cookie file and can still be invoked the next time the user returns.

to save cookies in a cookie file, some users may be overly likely to think that this poses a big problem. The main concern is that cookies will keep track of users ' surfing habits, such as what kind of sites they love, what activities they are interested in. Fear of this personal information once fall into the hands of some ulterior motives, then the individual may become a lot of advertising junk object, and even the accidental damage. However, this fear will not happen at all, because users outside the site can not cross the site to obtain cookie information. So it is impossible to apply cookies for this purpose. However, due to some user misconceptions and "misinformation", some browser developers have no choice but to make an acquaintance response (for example, Netscape Navigator4.0 and Internet Explorer3.0 provide the option to mask cookies).

As a result of the long awaited cookie technology, many browser developers have been forced to provide flexibility of cookie control in their browsers. For example, the current two main browsers, Netscape Navigator and Internet Explorer, handle cookies like this: Netscape Navigator4.0 can not only accept cookies for warnings, but can also block cookies from cookie;internetexplorer3.0, but on the internet You can only accept warnings without providing masking options in Explorer4.0, but the feature options for masking cookies are added to the updated version after the Internet Explorer4.0.

In addition, many of the latest technologies have even been able to block cookies in browsers that cannot block cookies. For example, you can restrict the use of cookies by setting the cookie file to a different type. Unfortunately, however, if you want to completely block cookies, you will definitely reject many site pages. Because many web site developers today have fallen in love with the powerful features of cookie technology, such as the use of Session objects can not be separated from the support of cookies.

even though there are still some Internet users arguing about cookies today, they tend to accept cookies for the vast majority of web users Lang. Therefore, we can safely use cookie technology to develop our web pages.

2) How does a cookie work?

to understand cookies, it is essential to know how it works. In general, cookies are returned to the browser via HTTP headers from the server side. First, the server side uses the Set-cookie header to create a cookie in the response, and then the browser completes the browser's argument by including the cookie header in its request, and then returning it to the server.

For example, we created a cookie named login to contain the visitor's information, and when creating the cookie, the server-side header, as shown below, assumes that the visitor's registration name is "Michael Jordan", It also specifies the properties of the cookie being created, such as path, domain, expires, and so on.

Set-cookie:login=michael jordan;path=/;d;

expires=monday,01-mar-99 00:00:01 GMT

the header above will automatically add a record to the cookie file in the browser-side computer. The browser assigns the cookie named "Login" to "Michael Jordon". Note that the value of this cookie is passed through the URL encoding of the UrlEncode method during the actual delivery process.

the HTTP header containing the cookie value is saved to the browser's cookie file, the header notifies the browser to return the cookie to the server through a request to ignore the path, completing the browser's authentication operation.

In addition, we use some of the cookies ' properties to qualify the cookie for use. For example, the domain property can qualify a cookie at the browser end, as in the example above, the cookie can only be sent to the specified server, and will never go to other web sites such as The Expires property specifies the time period for which the cookie is saved, for example, the cookie above is stored on the browser only until March 1, 1999 1 seconds. Of course, if there are too many cookies on the browser that exceed the range allowed by the system, the browser will automatically delete it. The property path is used to specify which directory path the cookie will be sent to the server.

Note: When a browser creates a cookie, the cookie is included in the header for each request for the site, but the request cookie for the other web site will never be sent along. and the browser will keep sending it until the cookie expires.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.