### Overview

 By the end of this page you will be able to: Understand the role of cookies in a Web browser Understand the security implications of a cookie Describe the difference between an HTTP and a Flash cookie

## Introduction

When browsing the web most people will have encountered cookies. But;

• What are they?
• How to turn off cookie warning messages?

## How does a cookie work ?

"I basically equate cookies to the notion of a store being able to tattoo a barcode on your forehead, and then laser-scan you every time you come through the door." Simson Garfinkel "Wired" When a browser and a web server first meet, the Web server gives your browser a text file, the cookie. The cookies information is then shared and often updated on each return visit made to the Web server. Cookies are not necessarily site specific. In Geoff Palmer’s article in the October PC World (1998) he explains the Double-click cookie, which is used to track users’ movements between web sites, build a centralised profile of likes and dislikes and target advertising across numerous web sites.

## Security and privacy

Cartoon: A Hubbards cookie is actually a YCR!

• Increase network traffic. Each time a cookie is stored the cookie names and values are sent to the server. If you have 2000 users making 4 requests per minute, and have a 4kB cookie this give 32MB traffic per minute!
• Increases the time to service a request. The server must parse (unscramble) the cookie collection.
• Are machine dependent. i.e. are stored on the computer accessing the application.
• Are browser-dependent. If you have two browsers accessing the same application two sets of cookies are created.
• May disappear. Users can manually delete cookies, the machine can crash, or the user can rebuild the machine.
• Are user controlled. Users can set the browsers to reject cookies.

Response.cookies("UserId") = "Michael"

pgUserId = Request.Cookies("UserId")

Cite error: <ref> tags exist, but no <references/> tag was found