Cookies

Discover what cookie attributes are and the best practices for setting them to ensure protection from attacks like Cross-Site Scripting and Cross-Site Request Forgery.

What is a cookie?

Cookies provide a way to store server-sent data in the browser. The browser can then send the cookies back to the server in subsequent requests. Why would we want to do this? In theory, HTTP and web application servers are generally stateless, meaning that HTTP requests can be made independently of one another and each request contains all of the data needed to complete successfully. The web servers themselves shouldn’t maintain any information from request to request related to the user’s active browsing session. In reality, however, this makes things extremely hard for developers who need to link a series of requests to the same user.
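
The round trip described above, as an added example that is not part of the original page: a server issues a session cookie on the first request and uses it to link later requests to the same user. The cookie name `sid`, the in-memory `SESSIONS` store and both function names are assumptions made for illustration; the attributes set here are the standard HttpOnly, Secure and SameSite ones.

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {}        # server-side state keyed by session id (in-memory, illustration only)
COOKIE_NAME = "sid"  # hypothetical cookie name


def handle_request(request_headers):
    """Handle one stateless HTTP request; return (response_headers, visit_count)."""
    jar = SimpleCookie()
    jar.load(request_headers.get("Cookie", ""))
    sid = jar[COOKIE_NAME].value if COOKIE_NAME in jar else None

    response_headers = {}
    if sid not in SESSIONS:
        # No cookie, or an id this server never issued: start a fresh session
        # with an unguessable id instead of adopting the client-supplied value.
        sid = secrets.token_urlsafe(32)
        SESSIONS[sid] = {"visits": 0}
        out = SimpleCookie()
        out[COOKIE_NAME] = sid
        out[COOKIE_NAME]["path"] = "/"
        out[COOKIE_NAME]["httponly"] = True   # not readable from page JavaScript
        out[COOKIE_NAME]["secure"] = True     # only sent over HTTPS
        out[COOKIE_NAME]["samesite"] = "Lax"  # withheld on most cross-site requests
        response_headers["Set-Cookie"] = out[COOKIE_NAME].OutputString()

    SESSIONS[sid]["visits"] += 1
    return response_headers, SESSIONS[sid]["visits"]


def browser_cookie_header(set_cookie_value):
    """Mimic the browser: store name=value and send it back without the attributes."""
    return set_cookie_value.split(";", 1)[0]


if __name__ == "__main__":
    first_headers, visits = handle_request({})                 # first visit, no cookie yet
    print(first_headers["Set-Cookie"], visits)
    cookie = browser_cookie_header(first_headers["Set-Cookie"])
    print(handle_request({"Cookie": cookie}))                  # same user, linked by cookie
    print(handle_request({"Cookie": "sid=forged-value"}))      # unknown id gets a new session
```
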
