Understanding HTTP Cookies

To start with HTTP Cookies are small text files which the server of a website can place on your local computer for certain transcation oriented information. Cookies play a vital role in HTTP owing to its Stateless nature and are primarily used for Session handling. However, they can be used for other reasons as well.

Every HTTP Cookie has the following important information about it . This information is usually processed and sent by the browser to the server next time it makes a request for the specified path.

1.) The name and value of the cookie : A typical name value pair can be user=test or password=abc etc.

2.) The domain on which it is set: This is usually the domain of the website. e.g goole.co.in or wordpress.com

3.) The path on which it is set: The path gives you the chance to specify a directory where the cookie is active. So if you want the cookie to be only sent to pages in the directory news, set the path to /news. Usually the path is set to /, which means the cookie is valid throughout the entire domain.

4.) Whether the cookie is secure or not?

5.) When will the cookie expire: Once the cookie has expired, it wont be sent by the browser when making a new request.

An interesting example usage of Cookies is the feature a lot of websites employ these days. i.e. Remember me on this computer. When you click on this checkbox for a particular website, the web application deployed on the server reads the input and sets a cookie back on your machine for lets say 14 days or whatever is the website policy for Remember me. So the next time you make a request for the website, the cookie is sent along with the HTTP request. When the server gets the cookie, it knows that you are already an authenticated page and doesnt ask you for any authentication.

The below figure gives the request flow of a HTTP Request to the cookie.

1.) Client sends a HTTP Request to the server for the first time.

HTTP Request and Response flow with Cookies

HTTP Request and Response flow with Cookies

2.) Server sees the request and decides to set a particular cookie on the client. It then sends this cookie in the response. In the figure above the box with value C is represented as a cookie.

3.) Next time the client makes a HTTP Request to the same domain on a valid path, the cookie also goes along with the HTTP Request. Server sees the cookie and responds accordingly, if required.

Using Javascript, you can set cookies using the following code

 document.cookie = 'ppkcookie1=testcookie; expires=Thu, 2 Aug 2001 20:47:11 UTC; path=/' 

Do remember that we have a semicolon and space between each attribute ( see semicolon space in before we begin with expires attribute and then again before we write about path)

You can also have a look at what cookies exist in your browser by following the below mentioned steps

In Internet Explorer follow these steps

1.) Click on the Tools menu
2.) Click on the Internet Options menu item
3.) Click on the General tab
4.) In the section labeled “Temporary Internet Files” click on the Settings button
5.) Click on the View files button.
6.) In the resulting view anything that begins with “Cookie:” is a cookie placed by the named site.

In Firefox, to check your cookies, follow the below steps:
1.) Click on the Tools menu
2.) Click on the Internet Options menu item
3.) Click on the Privacy tab
4.) Click on the Show Cookies button to get a view of all the cookies saved under various domains.

Also read: Tutorial: Find the IP Address of sender in Gmail.

Recovering ‘permanently’ deleted email in Microsoft Outlook 2003

You can follow me on Twitter at http://twitter.com/vaibhav1981

Do stay tuned to Technofriends for more, one of the best ways of doing so is by subscribing to our feeds. You can subscribe to Technofriends feed by clicking here.



One Response

  1. […] Also read: Understanding HTTP Cookies […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: