Simple Questions: What are Cookies & What Do They Do?
When browsing the Internet you may have encountered the term "cookies". Some websites informed you about using them or your web browser had some settings about them. Even though you knew that these "cookies" are not exactly a sweet dessert, you didn't know exactly what they are and their role in browsing the web. This is why, in this article we will explain what cookies are, how they work and what kind of cookies are most frequently used.
What Are Cookies & How Do They Work?
Generally, cookies are small pieces of data sent between a sender and a receiver. A cookie is created and interpreted by the sender, while the receiver only holds it and sends it back if the sender asks for it.
When browsing the web, the sender is the server on which a website runs and the receiver is the web browser of the user that visits that website. Their purpose is to identify the user, check for his past activity on the website and provide appropriate content based on this data.
The first time a user visits a website, the server stores a particular cookie in the web browser of that user. Any other following visit on the website, the server asks for its cookie, reads it and loads a particular configuration of the website for that specific user. You can think of cookies like a tag applied by web servers to every user, which is read by web servers to identify users.
This identification is very useful especially on websites where real-time user data is critical. For example, when using an online shop, you cannot buy anything without the help of cookies. Shops wouldn't be able to identify you and build your shopping cart without them because each time you load a web page, the shop would see you as a new user and start your visit from scratch.
When Were Cookies Used For The First Time & Why?
The first browser to use and support cookies was Mosaic Netscape, in October 1994. One year later, Internet Explorer 2 also supported cookies. Since then, all web browsers offered support for cookies.
Even though the reason why they were created is a good one, now cookies are used for all kinds of purposes, some of which are not exactly ethical.
What is the Structure of a Cookie?
Every modern web browser supports cookies and they generally have a size of 4KB.
To help you understand the structure of a cookie, we will use as an example the "has_js" cookie sent by our website - 7 Tutorials. We analyzed it using Google Chrome.
Here is its structure:
- Name - the name of the cookie.
- Content - the information the cookie contains.
- Domain - the domain using this cookie.
- Path - the page of the domain where to cookie is used. If the path is "/" it means that the cookie is used across the whole website.
- Send for - the level of security the connection needs to have in order to use the cookie.
- Accessible to script - it shares whether or not the cookie can be accessed through other ways than HTML.
- Created - the date the cookie was created on the user's web browser.
- Expires - the moment when the cookie expires and it is deleted by the browser.
What Types of Cookies Are The Most Common?
Even though the term cookie is rather general, there are many ways a cookie can be used. This is why there are different types of cookie. The most common types of cookies are the following:
- Session cookies - one of the most common types of cookies. They exist in a temporary memory until the web browser is closed. They are not harmful because all their information is deleted when your browsing session is over.
- Persistent cookies - also called tracking cookies. They last on the user's computer until they are deleted or reach their expiry date. They are used to gather information about the user, recording his or her behaviour on a specific website over a period of time.
- Secure cookies - an encrypted cookie works only when using a secure HTTPS connection. These cookies are used to ensure that their information cannot be stolen by potential hackers connected to the same network as the user. They keep important information about the user and are used mostly on websites where users perform financial transactions. Because they are encrypted, they are a lot more secure than other types of cookies.
- HttpOnly cookies - they cannot be used by any protocol other than HTTP. Such cookies ensure that only the website that created them can use them. Only session cookies can be HttpOnly and they generally do not imply any privacy or security risks for users.
- Third-party cookies - these cookies belong to a different domain, other than the one that sent them. They are usually sent by ads and can store the browsing history of a user across multiple websites that use the same advertising network. These cookies stir up privacy concerns because some ad networks use them to track way too much data about users in order to display targeted ads.
- Zombie cookie - cookies that recreate themselves after they are deleted. They are generally used by web analytics services and stored outside the browser because they are available across browsers installed on the same computer. The reason they recreate themselves is to prevent data from becoming fragmented after the user deletes the cookies. They can also be used for malicious purposes because the web browser cannot control their existence. Only security products can identify them and remove them.
As you have learned from this article, cookies are widely used on the Internet because they allow websites to be more powerful by providing the most useful content to every user. In some cases websites cannot function without using cookies. They also allow websites to learn about their users and the pages they are visiting. But, just like any other technology, they can also be used for less ethical purposes. That's why knowing how they work and how they are used is good for anyone that's browsing the web.
We hope this guide was useful to you and now you have a better understanding of this concept. If you have any questions, don't hesitate to use the comments form below.