What are Http Cookies
5 September 2024
What is a cookie?
A persistent key-value data for the browser. Http cookies were invented by Netscape programmer Lou Montulli.
Why do cookies exist?
Http requests are stateless during communications of client and server. Cookies are a plain text file stored in the browser used to store information related to the user. They are packaged in the http request response objects so the client and server both have access to shared data thanks to cookies. The introduction of cookies allowed for more complex features for developers to add to enhance user experiences.
How do they benefit us?
The founder of cookies claimed using the internet was like "talking to someone with Alzheimers disease". On amazon.com I can add items to a cart and they remain forever. That feature is due to the persistent cookies. Now there are more types of storages on the browser such as local storage, session storage, or IndexDb. Cookies are different because they can be sent in Http objects.
Can they cause a security vulnerabilities?
Beware of dangerous hackers. Sites typically ask the user to accept cookies. Some internet attacks are cross site scripting (XSS) and cross site request forgery (CSRF) where the attacker intercepts your cookies, which could compromise your account. This sort of thing is not common from my experience.
What about my privacy?
Third party cookies bring up privacy concerns. For Chrome third party sites have cookie access by default so they can show personalized ads without interference. Safari and Mozilla don't allow third party cookies at all. Google recently announced that Chrome will be removing third party cookies from it's default settings by 2025. But Google is still unsure of how to handle third party cookies. They have more important things to worry about with Chrome.
Thanks for reading!