HTTP Cookie

1. HTTP Cookie Explained
2. Cookie and Security

3. RFC 2109
4. Session Cookie
A session cookie or transient cookie is created by simply not setting a date in the Set-Cookie option when an application creates the cookie.
Session cookies are often used to enable a site to be able to track the pages that a user has visited during a visit so that information can be customized for the user in some way. Some sites use Secure Sockets Layer (SSL) to encrypt the information contained in a cookie.
5. Persistent Cookie
A persistent cookie, an expiration date is set and the cookie is stored on the user’s hard drive until the expiration date or until the user deletes it.
6. HTTP-Only Cookie
Web server can set the HTTPOnly flag on a cookie it creates, indicating the cookie should not be accessible on the client through JavaScript.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s