HTTP cookie

Also found in: Wikipedia.

HTTP cookie

(World-Wide Web)
A system invented by Netscape to allow a web server to send a web browser a packet of information that will be sent back by the browser each time it accesses the same server. Cookies can contain any arbitrary information the server chooses to put in them and are used to maintain state between HTTP transactions, which are otherwise stateless. Typically this is used to authenticate or identify a registered user of a website without requiring them to sign in again every time they access it. Other uses are, e.g. maintaining a "shopping basket" of goods you have selected to purchase during a session at a site, site personalisation (presenting different pages to different users) or tracking which pages a user has visited on a site, e.g. for marketing purposes.

The browser limits the size of each cookie and the number each server can store. This prevents a malicious site consuming lots of disk space. The only information that cookies can return to the server is what that same server previously sent out. The main privacy concern is that, by default, you do not know when a site has sent or received a cookie so you are not necessarily aware that it has identified you as a returning user, though most reputable sites make this obvious by displaying your user name on the page.

After using a shared login, e.g. in an Internet cafe, you should remove all cookies to prevent the browser identifying the next user as you if they happen to visit the same sites.

Cookie Central.
This article is provided by FOLDOC - Free Online Dictionary of Computing (
References in periodicals archive ?
The word cookie (also known as browser cookie or HTTP cookie) is derived from magic cookie, a term used in programming languages to describe the information shared between "co-operating pieces of software." The Cookie Central website gets a little more technical, defining it as "a text only string that gets entered into the memory of your browser."
(Although a request for comment about this proposed standard was published in 2011, it has not been finalized.) "[It] defines the HTTP Cookie and Set-Cookie header fields."
The method makes it possible for deleted HTTP cookies to be respawned from stored data associated with the unique identifier."
For instance, while an HTTP cookie stores just 4KB of data, Flash cookies can store up to 100KB.
Vikram Thakur, senior manager at Symantec Security Response, told Gulf News that the virus can communicate with the attackers using multiple channels (TCP, UDP, ICMP, HTTP cookies), all of which are strongly encrypted.
The HTTP Cookies returned by the target server in the Set-Cookie HTTP header are also managed by the Muse Navigation Manager in an automatic manner without the administrator intervention.
The product includes support for WML Script, HTTP cookies, and optional encryption security using WTLS, as well as support for numerous WAP devices, including phones from Nokia, Ericsson, Siemens, and Motorola.
For example, many Web browsers include tools that allow users to specify their preferences regarding HTTP cookies. Users can specify that they should be prompted whenever a site asks to set a cookie, that all cookie requests should be automatically accepted or rejected, or that cookie requests should be accepted under a limited set of conditions.