Sessions & Cookies

Bishal Aryal (Cisco)
7 min read · Jun 13, 2022

Most people expect a reward when they hear the word “cookies.” However, when it comes to computers, cookies are not on the dessert menu. They are not even physical objects. They do, however, do a significant part of the work that allows you to access the Internet — and they can be dangerous if you don’t know how to handle them.

A cookie is a form of communication that a Web server sends to a Web browser. A cookie’s primary function is to identify users and possibly to produce personalized Web pages or preserve site login information for you.
This information is encoded into a cookie and transmitted to your Web browser, which saves it for future use. When you visit the same Web site again, your browser will deliver the cookie to the Web server. Every time the browser requests a page from the server, the message is sent back to the server.

Cookies are part of the HTTP protocol and are defined by RFC 6265.

Visit the link below to learn more about the RFC 6265 specification.

State is introduced into HTTP (always remember: HTTP is stateless).
Cookies are exchanged between the server and the client over HTTP.
Cookies can also be understood simply as tokens that are used to identify clients and their orders.

How do they differ? (Cookies & Sessions)

Session cookies are stored on your computer only during your login session and are permanently removed when you close your browser. They store an anonymized session ID, which lets you browse a website without having to log in on each page, and they do not collect any personal data from your computer. They generally keep data in the form of a session identifier that does not directly identify the user.

Persistent cookies are stored as a file on your computer and remain there when you close your web browser. When you return to the website that produced the cookie, the site can read it.

Cookies and sessions are both used to store information about web activity. Cookies are primarily stored on the client computer, whereas sessions are stored on both the client and the server.

How Are Cookies Implemented?

Imagine how they work on a website and try to think through their workflow.

Don’t worry, I will show you how cookies are implemented.

The Set-Cookie and Cookie Headers:

A cookie does not need to know where you are from in order to function; it simply needs to remember your browser. Cookies are sent from the server to the client via “Set-Cookie” headers.

The NAME value is a URL-encoded name that identifies the cookie.

The PATH and DOMAIN specify where the cookie applies.

To have the client store a pair of cookies, the server sends Set-Cookie headers in its response.

Then, with every subsequent request to the server, the browser sends all previously stored cookies back to the server using the Cookie header.
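The Set-Cookie / Cookie round trip described above, as an added example that is not part of the original post: a Python sketch of a client storing a pair of cookies and deciding which ones to send back, using simplified RFC 6265 domain and path matching. The cookie names, values and the example.com host are constructed, and every cookie is assumed to carry a Domain attribute.

```python
from http.cookies import SimpleCookie

# Constructed response headers: the server asks the client to store a pair of cookies.
SET_COOKIE_HEADERS = [
    "session_id=abc123; Domain=example.com; Path=/; Secure; HttpOnly",
    "theme=dark; Domain=example.com; Path=/shop; Max-Age=2592000",
]

def store(headers):
    """Parse Set-Cookie headers into a minimal client-side cookie jar."""
    jar = []
    for header in headers:
        parsed = SimpleCookie()
        parsed.load(header)
        for name, morsel in parsed.items():
            jar.append({
                "name": name,
                "value": morsel.value,
                "domain": morsel["domain"].lstrip(".").lower(),
                "path": morsel["path"] or "/",
                "secure": bool(morsel["secure"]),
                # No Max-Age/Expires means a session cookie, dropped on browser close.
                "persistent": bool(morsel["max-age"] or morsel["expires"]),
            })
    return jar

def domain_matches(host, domain):
    """True if host is the cookie's domain or one of its subdomains."""
    host = host.lower()
    return host == domain or host.endswith("." + domain)

def path_matches(request_path, cookie_path):
    """True if cookie_path is request_path or a directory prefix of it."""
    if request_path == cookie_path:
        return True
    if not request_path.startswith(cookie_path):
        return False
    return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"

def cookie_header(jar, host, path, https):
    """Build the Cookie header value the client sends with a request."""
    return "; ".join(
        f"{c['name']}={c['value']}" for c in jar
        if domain_matches(host, c["domain"])
        and path_matches(path, c["path"])
        and (https or not c["secure"])  # Secure cookies never go over plain HTTP
    )

JAR = store(SET_COOKIE_HEADERS)
```

The Secure attribute keeps the session cookie off plain-HTTP requests, and the Path check stops `/shopping` from receiving a cookie scoped to `/shop`.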

No more lecture; let’s get our hands dirty with cookies.

Viewing the Cookies:

Method 1: Install the cookie-editor extension for your preferred browser. I have tested this extension in the Chrome browser. I have placed the link below to download this extension for your browser.

Click on “Add to Chrome” to get started.

Go to Extensions and turn it on to view the cookies assigned by the websites you visit.

Let’s visit the datatracker.ietf.org website and see what cookies it sets for us.

https://datatracker.ietf.org/doc/html/rfc6265

There are other methods to view cookies. I suggest you do some research and comment below with the method you used.

Uses of Cookies:

The cookie’s purpose is to help the website in keeping track of your visits and activities. This is not necessarily a negative thing. Many online businesses, for example, use cookies to keep track of the goods in a user’s shopping basket as they navigate the site. Without cookies, every time you visited a new link on the site, your shopping basket would be reset to zero which might make online shopping difficult!

Cookies may also be used by a website to keep track of your most recent visit or to save your login information. Many people find this useful for storing passwords on frequently visited websites, or just for keeping track of what they have browsed or downloaded in the past.

Cookies of many varieties keep track of various activities.

Session cookies are only utilized when a user is actively surfing a website; once you leave the site, the session cookie expires.

Tracking cookies can be used to keep track of several visits to the same website over time.

Authentication cookies keep track of who is logged in and under what identity, such as a name or ID.

Are cookies dangerous to us? Malicious Cookies are what they sound like.

Cookies do not generally threaten security, but malicious cookies are on the rise. These cookies can be used to keep and track your online activities. Malicious or tracking cookies are cookies that monitor your online behavior. These are the harmful cookies to keep an eye out for since they track you and your browsing activities over time in order to construct a profile of your interests. Once the profile has enough information, there is a strong probability that it will be sold to an advertising business, which will then utilize that profile information to target you with interest-based advertisements. When analyzing your system for malware, many antivirus systems now identify suspected spyware or adware cookies.

Delete and Manage Cookies:

Go to the following help sites to enable, block, or remove the cookies stored on your device through your browser's settings:

Microsoft Edge: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies

Mozilla Firefox: https://support.mozilla.org/en-US/kb/block-websites-storing-cookies-site-data-firefox

Chrome: https://support.google.com/accounts/answer/61416?hl=en

Safari: http://safari.helpmax.net/en/privacy-and-security/managing-cookies/

Opera: https://help.opera.com/en/latest/web-preferences/

Implementation of cookies in Blockchain Intelligence:

I recommend you do more research on this topic. I will just give the basic information.

The Blockchain Intelligence website makes use of Google Analytics, a web analytics program produced by Google that measures and analyzes website traffic. This service’s cookies will appear in your browser. Depending on their type, they may be own (first-party), session, or analytical cookies.

Information on the number of users trying to access the website, the number of page views, the rate and repetition of visits, their duration, the browser used, the operator providing the service, the language, the terminal used, and the city to which its IP address is allotted can be obtained using web analytics. This data helps the portal to give a more personalized and relevant service.

To preserve anonymity, Google will truncate the IP address before keeping it. Truncation removes "n" of the least significant bits from an IP address, replacing them with zeroes. In effect, it replaces a host address with a network address for some fixed netblock; for IPv4 addresses, 8-bit truncation corresponds to replacement with a /24 network address.

To learn more about IP Flow Anonymization visit the link below.

As a consequence, Google Analytics cannot be used to trace or acquire personal information identifying website users.

Finally, a cookie named show cookies will be downloaded; it is a technical, session cookie. It manages the user’s agreement to the use of cookies on the website in order to remember who has accepted them.

Source: https://blockchainintelligence.es/en/cookies-policy/

End!!

I hope you learned about cookies and sessions. Don’t forget to leave a comment below if you have any suggestions. Thank you!

Also follow me on twitter :) :> https://twitter.com/c15c01337

Bishal Aryal (Cisco)

Security Engineer at Techkraft Inc | Learn & Build & Crack | HTB CPTS Loading...!! | Active CTF Player | Passive Bug Bounty Hunter