HTTP State Management Using "Cookies"
(Page 3 of 3)
Managing Cookie Use
The RFCs describing the cookie state management technique deal extensively with these and other issues, but there is no clear-cut resolution to these concerns. Like most security and privacy matters, the most important determinant of how significant potential cookie abuse may be is your own personal comfort level. Millions of people browse the Web every day letting any and all sites set whatever cookies they want, and never have a problem. Others consider cookies an offensive idea and disable all cookies, which eliminates the privacy concerns but can cause problems with useful applications like interactive Web sites. As usual, the best approach is usually something in the middle, where you choose when and how you will allow cookies to be set.
The degree to which cookie control is possible depends greatly on the quality and feature-set of your Web client software. Many browsers do not provide a great deal of control in how and when cookies are set, where others are much better in this regard. Some allow cookies to be disabled, but come with them turned on by default, and since many people are not even aware of the issues I have mentioned above, they will not even realize when cookies are being sent. Most notable in this regard is the most popular browser in the world, Microsofts Internet Explorer, which normally comes set by default to accept all cookies without complaint or even comment.
Internet Explorer does allow you to disable cookies, but you have to do it yourself. It also allows you to differentiate between first-party and third-party cookies, but again, you must turn this on. Other browsers have more sophisticated settings, which will let you dictate conditions under which cookies may be set and others when they may not. Some will even let you allow certain sites to send cookies while prohibiting them from others. Better ones will also you to visually inspect cookies, and selectively clear the ones you do not want on your machine.
Third-party cookies can be used by online advertising companies and others to track the sites that a Web user visits. For this reason, they are considered by many people to fall into the general category of undesirable software called spyware. There are numerous tools that will allow you to identify and remove tracking cookies from your computer; many are available free on the Web.
Home - Table Of Contents - Contact Us
The TCP/IP Guide (http://www.TCPIPGuide.com)
Version 3.0 - Version Date: September 20, 2005
© Copyright 2001-2005 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.