HTTP cookie

1. Using HTTP cookies

1.1. HTTP cookie (web cookie, browser cookie)

1.1.1. a small piece of data

  • server
    • sends it
    • to the user's web browser
  • browser
    • may store the cookie
    • and send it back
      • to the same server
      • with later requests
  • HTTP cookie is used to tell
    • if two requests come from the same browser
      • keeping a user logged in, for example
  • It remembers stateful information
    • for the stateless HTTP protocol

1.1.2. mainly used for three purposes

  • Session management
    • Logins, shopping carts, game scores
    • or anything else the server should remember
  • Personalization
    • User preferences
    • themes
    • and other settings
  • Tracking
    • Recording and analyzing user behavior

1.1.3. modern storage APIs are now recommended

  • Cookies are sent with every request, so they can worsen performance (especially for mobile data connections).
  • Modern APIs for client storage are
    • Web Storage API
      • localStorage
      • sessionStorage
    • IndexedDB

2. Creating cookies

  • a server can send one or more Set-Cookie headers
    • with the response
    • After receiving an HTTP request
  • The browser usually
    • stores the cookie
    • sends it
    • with requests
      • made to the same server
      • inside Cookie HTTP header
  • can specify
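
The Set-Cookie / Cookie round trip described in this section, as an added example (not from the original notes). The host names, cookie values, and the `Browser` and `server_response` helpers are constructed for illustration, and the jar is keyed by host name only as a simplification of "the same server".

```python
from http.cookies import SimpleCookie

def server_response(request_headers):
    """Constructed server: issues cookies on a first visit, recognises them later."""
    seen = SimpleCookie(request_headers.get("Cookie", ""))
    if "session_id" in seen:
        # The Cookie header tells the server this is the same browser as before.
        body = f"welcome back, session {seen['session_id'].value}"
        return {"body": body, "set_cookie": []}
    issued = SimpleCookie()
    issued["session_id"] = "abc123"  # constructed value; a real server uses a random id
    issued["theme"] = "dark"
    # One Set-Cookie header line per cookie.
    lines = [morsel.OutputString() for morsel in issued.values()]
    return {"body": "hello, new visitor", "set_cookie": lines}

class Browser:
    """Minimal stand-in for the browser side: store cookies, send them back."""
    def __init__(self):
        self.jar = {}  # host -> {cookie name: value}

    def request(self, host, server):
        headers = {}
        stored = self.jar.get(host, {})
        if stored:
            # All cookies for this server travel in a single Cookie header.
            headers["Cookie"] = "; ".join(f"{k}={v}" for k, v in stored.items())
        response = server(headers)
        for line in response["set_cookie"]:
            for name, morsel in SimpleCookie(line).items():
                self.jar.setdefault(host, {})[name] = morsel.value
        return headers, response

if __name__ == "__main__":
    browser = Browser()
    for host in ("shop.example", "shop.example", "other.example"):
        sent, got = browser.request(host, server_response)
        print(host, "| sent:", sent, "| Set-Cookie:", got["set_cookie"], "|", got["body"])
```
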

3. ref