Please Whitelist This Site?

I know everyone hates ads. But please understand that I am providing premium content for free that takes hundreds of hours of time to research and write. I don't want to go to a pay-only model like some sites, but when more and more people block ads, I end up working for free. And I have a family to support, just like you. :)

If you like The TCP/IP Guide, please consider the download version. It's priced very economically and you can read all of it in a convenient format without ads.

If you want to use this site for free, I'd be grateful if you could add the site to the whitelist for Adblock. To do so, just open the Adblock menu and select "Disable on tcpipguide.com". Or go to the Tools menu and select "Adblock Plus Preferences...". Then click "Add Filter..." at the bottom, and add this string: "@@||tcpipguide.com^$document". Then just click OK.

Thanks for your understanding!

Sincerely, Charles Kozierok
Author and Publisher, The TCP/IP Guide


NOTE: Using software to mass-download the site degrades the server and is prohibited.
If you want to read The TCP/IP Guide offline, please consider licensing it. Thank you.

The Book is Here... and Now On Sale!

Enjoy The TCP/IP Guide? Get the complete PDF!
The TCP/IP Guide

Custom Search







Table Of Contents  The TCP/IP Guide
 9  TCP/IP Application Layer Protocols, Services and Applications (OSI Layers 5, 6 and 7)
      9  TCP/IP Key Applications and Application Protocols
           9  TCP/IP File and Message Transfer Applications and Protocols (FTP, TFTP, Electronic Mail, USENET, HTTP/WWW, Gopher)
                9  TCP/IP World Wide Web (WWW, "The Web") and the Hypertext Transfer Protocol (HTTP)
                     9  TCP/IP Hypertext Transfer Protocol (HTTP)
                          9  HTTP Features, Capabilities and Issues

Previous Topic/Section
HTTP Security and Privacy
Previous Page
Pages in Current Topic/Section
1
2
3
Next Page
Gopher Protocol (Gopher)
Next Topic/Section

HTTP State Management Using "Cookies"
(Page 2 of 3)

Issues with Cookies

Cookies sound like a great idea, right? Well they are—and they aren’t. On the positive side, cookies are absolutely essential for many of the applications that make the Web the powerhouse it is today, the examples of online shopping and discussion forums being only two of many. Most of the time, cookies are used for these sorts of useful and benign purposes. Unfortunately, like every good idea, there are those who have found a way to turn cookies to the “dark side” by finding ways to abuse them. There can even be potential problems with them when there is no nefarious intent. For this reason, cookies are rather controversial.

Some of the issues with cookies:

  • Transmission of Sensitive Information: Suppose you use an online banking system. You log in to the server, which then stores your login and password (which controls access to your account) in a cookie. If the application is not implemented carefully, the message containing that cookie could be intercepted, giving someone access to your account. Even if it is not, someone knowledgeable who gained access to your computer could retrieve the information from the file where cookies are stored.

  • Undesirable Use of Cookies: In theory, cookies should be a help to the user, not a hindrance. However, any server can set a cookie for any reason. In some cases, a server could set a cookie for the purpose of tracking the sites that a user visits, which some people consider a violation of their privacy. Since some Web browsers do not inform the user when a cookie is being set, they may not even be aware that this is happening.

  • Third-Party or “Unintentional” Cookies: While most people think of cookies as being set in the context of a resource they specifically request, a cookie may be set by any server to which a request is sent, whether the user realizes it or not. Suppose you send a request to “http://www.myfavoritesite.com/index.htm” and that page contains a reference to a tiny image that is on the server “http://www.bigbrotherishere.com”. The second site can set a cookie on your machine even though you never intended to visit it at all. This is called a “third-party cookie”.

Previous Topic/Section
HTTP Security and Privacy
Previous Page
Pages in Current Topic/Section
1
2
3
Next Page
Gopher Protocol (Gopher)
Next Topic/Section

If you find The TCP/IP Guide useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider purchasing a download license of The TCP/IP Guide. Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

The TCP/IP Guide (http://www.TCPIPGuide.com)
Version 3.0 - Version Date: September 20, 2005

© Copyright 2001-2005 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.