VirtualMV/Internet and Web/Cookies/Content

From WikiEducator
Jump to: navigation, search


VmvIcon Objectives.png

By the end of this page you will be able to:

  1. Understand the role of cookies in a Web browser
  2. Understand the security implications of a cookie
  3. Describe the difference between an HTTP and a Flash cookie


When browsing the web most people will have encountered cookies. But;

  • What are they?
  • Should you refuse cookies?
  • How to turn off cookie warning messages?
Cartoon: looking for cookies

What is a cookie?

A cookie is a small text file that stores your preferences or user details, so that when you return to a website it knows who you are, and what options you’ve chosen. Using the Web’s Hypertext Transfer Protocol (HTTP), each request for a Web page is independent of all other requests. For this reason, the Web page server has no memory of what pages it has sent to a user previously or anything about your previous visits. Cookies are stored in memory while you browse around a site and when you leave a website they are saved on your computer’s hard disc. Web users must agree to let cookies be saved for them. Reference : cookiecentral (

Cookie use

Cookies are commonly used to rotate the banner ads that a site sends so that it doesn’t keep sending the same ad as it sends you a succession of requested pages. They can also be used to customize the pages they send you based on your browser type or other information you may have provided the Web site. Many "portal" websites offer page customisation e.g. My Netscape. Using Netscape they are stored in the in the Netscape directory under Cookies, while IE saves them in the Tempory Internet Files folder. It is possible to view your cookies and delete them or edit out the lines from certain websites. If you refused to accept them then every time your returned to a website you would have to enter your password and re-select your user options.

How a cookie works

How does a cookie work ?

"I basically equate cookies to the notion of a store being able to tattoo a barcode on your forehead, and then laser-scan you every time you come through the door." Simson Garfinkel "Wired" When a browser and a web server first meet, the Web server gives your browser a text file, the cookie. The cookies information is then shared and often updated on each return visit made to the Web server. Cookies are not necessarily site specific. In Geoff Palmer’s article in the October PC World (1998) he explains the Double-click cookie, which is used to track users’ movements between web sites, build a centralised profile of likes and dislikes and target advertising across numerous web sites.

Security and privacy

Some people are concerned about the privacy aspects of using Cookies, For instance, upon your first visit to a site, you may be asked to register, by giving your name and perhaps even some personal or financial information required to gain access to that site in the future. Some unscrupulous marketing organisations have found a way to use cookies to actually track your movements across the Web. They do this by surreptitiously planting their cookies and then retrieving them in such a way that allows them to build detailed profiles of your interests, spending habits, and lifestyle. On the surface, this practice may seem harmless and hardly worth worrying about since the worst thing most imagine is that corporate concerns will use this information to devise annoying, yet relatively innocuous advertising campaigns, targeted towards specific groups or individuals. However, it is rather scary to contemplate how such an intimate knowledge of our personal preferences and private activities might eventually be used to brand each of us as members of a particular group. But remember a site only knows what information you have entered. Not all cookies are bad, they can also provide useful functions on the web.

Cartoon: A Hubbards cookie is actually a YCR!

Cookie disadvantages

  • Increase network traffic. Each time a cookie is stored the cookie names and values are sent to the server. If you have 2000 users making 4 requests per minute, and have a 4kB cookie this give 32MB traffic per minute!
  • Increases the time to service a request. The server must parse (unscramble) the cookie collection.
  • Are machine dependent. i.e. are stored on the computer accessing the application.
  • Are browser-dependent. If you have two browsers accessing the same application two sets of cookies are created.
  • May disappear. Users can manually delete cookies, the machine can crash, or the user can rebuild the machine.
  • Are user controlled. Users can set the browsers to reject cookies.

Cookies in ASP

reating a cookie

Response.cookies("UserId") = "Michael"

Retrieving a cookie

pgUserId = Request.Cookies("UserId")

Cookies in Flash

The following excerpt is by Bill Detwiler (2010)[1] Flash cookies, or Local Shared Objects, generally serve the same tracking function as HTTP cookies, but with some significant differences.

  • They can hold a lot more data, up to 100 Kilobytes, where a standard HTTP cookie is only 4 Kilobytes
  • They have no default expiration date.
  • They are stored in different locations on your machine so even if you go hunting for files with the .SOL extension, which Flash cookies use, you may have a hard time find them all.
  • The security settings on your computer have no effect on them.

So, how can you see which sites have placed Flash cookies on your machine, and how do you control this behaviour? Annoyingly, both of these questions are answered using the Adobe Flash Player Settings Manager, which you must access through a Flash element on Adobe's Flash Player support Web site ( Adobe, 2010[2]).
Cite error: <ref> tags exist, but no <references/> tag was found