What is Cookie?

What is cookie?
 
Non Technical 
It’s very difficult to find good examples in the real world that can describe the cookies with appropriately. But let's try this one: A doctor will give you a card that will be filled on your circumstances when you first came for a treatment to him and handed the card to you. Every time you come (which may still be associated with the same disease) you submit the card and the doctor can know your progress, and can know you came because of what (for the disease earlier, or because of new diseases). If the doctor is a web server and the patient is a client (browser), then the card is a cookie that will be discussed at this time.
Most physicians (whose patients are not too many) will be remembered by each patient and also the disease, but the webserver does not remember all about a client, about the same doctor who had so many patients to not remember that these patients received treatment for the second time yesterday in connection with the illness. Nature webserver (HTTP server) that do not pay attention to (keep in mind) is called a stateless request.
 
A patient can come to the doctor for some time for the same (same disease). Similarly someone can come to web pages for a purposes, e.g. to buy something online, he will enter the login page, then go to page to choose the goods, go to page to fill in payment method, and move to another page to logout. Because the HTTP server does not keep in mind what clients did, so we have to find a way so that HTTP server can remember, one of which is with cookies. A cookie is like a card given by a doctor to the patients that must be given every time the treatment, so the cookies sent by the webserver, received by client (browser) and then every time you visit the page the cookie is submitted to the webserver, by viewing the contents of the cookie information can be: "oh this is before the client with login name John, or login name: john; items selected: a laptop and a printer". Cookies are not the only way to create a session on HTTP. As the card is not the only way doctors could know the condition of his patient (He can ask his beautiful assistants to remember / keep track of all patients).
 
Technical 
Before you can understand about cookies, you need to know about HTTP. HTTP is a stateless protocol that is used for world wide web (WWW). The term World Wide Web of course you already know. There are two terms that need to be explained: the protocol and the stateless. In short we can say the Protocol is an agreement about how communication will be done (Tanenbaum, 1992). While the stateless protocol means that it does not retain information from one request with another request. The HTTP server will serve the request without depending on a previous request or demand thereafter.
 
By its nature, stateless, will be very difficult to make an application with the HTTP protocol that need to handle a session (e.g. online shopping). In the context of this session is a series of requests in the form of a unity, for example, from your login, select the item, make a payment, until logout. Although at that time other people who are both equally login and select the item, the item you choose will not mix with people because you and that person has a different session.
Cookie is one way to create a stateful session with HTTP, there is still a cookie than the other way, but this way is considered the most convenient and standard for now.
 
How does cookie look like? 
Cookie is a text-based information that is exchanged by client and server (which makes this cookie is a server). In the cookie is there some information, i.e. name server which provides, cookie path, cookie contents and expiration date. When receiving a cookie, the cookie will be stored by the browser in the cookie jar, it’s usually in the form of text files. When a browser visits a site that is in the cookie jar, the same paths when requesting the page for the site content is also sent a cookie.
 
What can be done by cookies? 
Cookies are used to store information on the client by a server. So who writes the contents of a cookie is a webserver, and the client to save. For each server, the size of a cookie is limited in number as well, so a server will not be able to give cookies in large numbers or in larger size to meet your hard drive.
Cookies can be used to save your login information to be used on the following pages, cookies can also be used to store additional information that you do not have to login every time you visit a site.
Cookies can also be used to monitor which pages you visit in a site. These are usually exaggerated by the media, they said: You could be tracked with cookies. RFC 2109 itself has mentioned this:
An origin server could create a Set-Cookie header to track the path
of a user through the server. Users may object to this behavior as
an intrusive accumulation of information, even if their identity is
not evident. (Identity might become evident if a user subsequently
fills out a form that contains identifying information.)

Actually, what the cookie can do is just that, it’s like a security guard or clerk is watching you when shopping in a store. He could find out what your habits each time to store it, but they will not know what you do not tell (your name or address for example). If you did not fill any data to a site, cookie had almost no effect on you. For website owner, the data is just like the survey (so he knows which pages are most visited and not) but he did not know who is filling the survey.
 
The advantage for user with a cookie 
You have visited sites that require login and have the word “remember my login and password?”, that site save the login and encrypted password in the cookie. With this facility you do not have to login every time you log onto the site. For Internet users at home using phone lines or modems, this means savings credit because you do not need to load the home page, login and wait until the page appears. Some sites can save your settings to facilitate your use of services, for example is Google. Google allows a user to set a few things (such as language, number of search results per page and others) and this setting will remain there until the cookie expires.
 
Keep your cookies 
Cookies are not dangerous, but if this cookie copied by other people, the result could be fatal. As I mentioned earlier, this cookie can be used to store login and password, if this cookie can be copied to login with yours, no password. But this way (copying the cookie) is not always successful, most of the cookie have the active time, and many sites on the Internet that will out-do a user if there are two logins from two different IP (Internet Protocol) from the same user.
 
So be careful with your cookies. In the public use computers, you should not activate the option “remember my login name and password” because it is very dangerous. But at home or in other private places (such as office computer to be used alone, or laptop) this facility can help you reduce the time online. 

Bug 
Some browsers that support cookies in the first version has a bug. There is a bug that allows a cookie to be exchanged with another domain (when it should not be). Latest current browser is free from this bug.
 
Conclusion 
Cookies are not too dangerous when compared to other technologies that exist on the internet today. Javascript is usually active in every browser is much more dangerous than the cookies. Currently not many bugs in the browser cookie implementation, but implementation errors Javascript and VBScript are very much.
 
If you too worry to the point that you install a cookie manager that will delete your cookies , you should probably more worried about other things. In addition to burden your PC with the software, maybe you'll get a false sense of security because there are many attacks other than through a cookie. If you did not make financial transactions on the Internet and do not have important data on the internet (on the internet hard drive such as Xdrive, for example), can be said that cookies are harmless.

0 comments:

Post a Comment