What is Computer/Browser Cookies?

What is Computer/Browser Cookies?


Different Types of Cookies:

Session cookie
A session cookie upto certain hours,depending on website.  After the session hour, it will be destroyed.

Persistent Cookie
A persistent cookie will outlast user sessions. If a persistent cookie has its Max-Age set to 1 year, then, within the year, the initial value set in that cookie would be sent back to the server every time the user visited the server. This could be used to record a vital piece of information such as how the user initially came to this website. For this reason, persistent cookies are also called tracking cookies or in-memory cookies.

Secure cookie
Secure cookies are encrypted cookies. If you used HTTPS(secure Connection), then it will store the cookies in encrypted format. Even hackers steal the cookie, he is able to see only the encrypted data.
Bank websites always use Secure Cookies.

HttpOnly cookie
The HttpOnly cookie is supported by most modern browsers. On a supported browser, an HttpOnly session cookie will be used only when transmitting HTTP (or HTTPS) requests, thus restricting access from other, non-HTTP APIs (such as JavaScript). This restriction mitigates but does not eliminate the threat of session cookie theft via Cross-site scripting.[15]. It is important to realize this feature applies only to session-management cookies, and not other browser cookies.

Third-party cookie
Third-party cookies will store the cookies with another domain.
For Example:
www.example.com will store the cookies with ad.advertise12.com
At the same time, another website also set cookies with same domain.
www.othersite.com will store the cookies with ad.advertise12.com

A "supercookie" is a cookie with a public suffix domain, like .com, .co.in,.in.

Most browsers, by default, allow first-party cookies—a cookie with domain to be the same or sub-domain of the requesting host. For example, a user visiting www.example.com can have a cookie set with domain www.example.com or .example.com, but not .com. A supercookie with domain .com would be blocked by browsers; otherwise, a malicious website, like attacker.com, could set a supercookie with domain .com and potentially disrupt or impersonate legitimate user requests to example.com.

Zombie cookie
A zombie cookie is any cookie that is automatically recreated after a user has deleted it. This is accomplished by a script storing the content of the cookie in some other locations, such as the local storage available to Flash content, HTML5 storages and other client side mechanisms, and then recreating the cookie from backup stores when the cookie's absence is detected.

What is the use of Cookies?

Session management
Cookies may be used to maintain data related to the user during navigation, possibly across multiple visits. Cookies were introduced to provide a way to implement a "shopping cart" (or "shopping basket"), a virtual device into which users can store items they want to purchase as they navigate throughout the site.

Cookies may be used to remember the information about the user who has visited a website in order to show relevant content in the future. For example a web server may send a cookie containing the username last used to log in to a web site so that it may be filled in for future visits.

Tracking cookies may be used to track internet users' web browsing habits. This can also be done in part by using the IP address of the computer requesting the page or the referrer field of the HTTP request header, but cookies allow for greater precision. This can be demonstrated as follows:


Free counters!


MauriHackerS - Providing Latest IT Security and Hacking News !