140 likes | 436 Views
Cookies. What are cookies?. Cookies are simple text data that are saved in our computer (often by a web server) for later retrieval. Cookies may not contain documents, images, video, etc. Each cookie has a name and a value, such as UserNick= AliDesidero. Why do we need cookies? .
E N D
What are cookies? • Cookies are simple text data that are saved in our computer (often by a web server) for later retrieval. • Cookies may not contain documents, images, video, etc. • Each cookie has a name and a value, such asUserNick= AliDesidero
Why do we need cookies? • Due to the stateless nature of web transactions, a web server does not know the previous steps a browsing client has made. • In applications where identifying the user, or knowing about his/her previous steps is important, cookies are used.
Typical cookie applications • In e-commerce sites, for tracking the user’s shopping cart. • In web-based mail or e-group sites, for keeping the user’s identity while moving between messages. • In gaming sites, keeping user information. • In many other sites, keeping user preferences.
What is saved in a cookie? • Cookie name • Cookie value • Expiry date • Domain • Path • Secure? (designates that cookie is only transmitted during secure information exchange)
Cookie types • Persistent cookies: Saved into files, resides in our computer until expiry date. • Session cookies: Saved inside our browser until the browser application is closed.
Where are cookies? • In IE: Each cookie in a separate file (in C:\[WinDir]\Temporary Internet Files). • In Netscape:All cookies in a single file named cookie.txt in Netscape user profile folder (Typically in C:\Program_Files\Netscape\Users\username).
Who can view our cookies? • When our browser sends a request to a server (for requesting a web page, an image, etc.), it also sends the cookies it’s keeping for that site. • Cookies are only sent back to web sites (domains) that write them into our computer. • If a cookie is saved with a path specification, web pages that are not below that path cannot see that cookie.
Who can view our cookies: Example • Assume that we have the following cookies in our computer: • Then, the below web pages can see the following cookies:
What is its privacy problem? (1) • Banners we see on web pages often come from ad banner providers (such as doubleclick.net) • Loading such banners into our browsers is equivalent to visiting that ad provider’s web site, as our browser will open a separate port for loading the ad image. During the session of loading the ad image, the ad provider web site can read any previous cookie that belongs to itself, or place a new cookie into our computer.
What is its privacy problem? (2) • Banner providers place their banners on many web sites. Each of those banners read the previously placed cookie from the client browser, and places a record of the current visit into their own database. • In time, these records of visits accumulate, and thus banner providers can track our web surfing patterns, our habits, what type of commodities we search for, etc.
What is its privacy problem? (3) • If we give our email address to a web site that has a banner, the banner provider may be able to associate the email address with our previous web surfing. • The banner provider may thus sell our email address to companies who spam users that are looking for a certain product or service. • Or the banner provider may show us ads for products or services that we may be looking for.
Examples (1) • This page displays the values of two cookies (user name and password) in a form and sends their new values to another page: http://olympos.ku.edu.tr/comp220/login.asp • This page gets new values for user name and password and stores user name in a persistent, password in a session cookie: http://olympos.ku.edu.tr/comp220/setgetcookie.asp
Examples (2) • This page displays the cookies for another folder under the same server. Cookies with specific folder setting would not appear here: http://olympos.ku.edu.tr/ekutukoglu/showcookies.asp • This page allows you to add, delete, modify cookies: http://olympos.ku.edu.tr/comp220/dummy/managecookies.asp