All geek questions in one place

How cookies work when browsing websites

On websites where you have to enter a username and password, I notice that I can browse the site with a single browser, and it will know who I am, wherever I am on the site. But if I open another browser, he does not know who I am in this browser, if I do not enter this browser.

After I enter the website, it stores some kind of cookie in my browser, and every time I go to another page on this website, it checks the cookie on my identity?

What happens if I log in and then delete the cookie before going to another page on the site?

+4
source share
4 answers

It is more likely to “teach a person how to fish,” so I apologize if this is not what you need. But if you accept my advice, you will learn a lot, so please trust me :)

There are several tools you can use to track that http traffic is occurring between your browser and server. One of them is called Firebug, a plugin for Firefox. Another kind of tool is called a "proxy server for web debugging." There are charles , which is very powerful, and fiddler , which is free.

enter image description here

What you want to do using any of these tools, use the website, and then look at the raw request . This shows you exactly what your browser tells the server. You will see that cookies for this server are sent along with each request. What's cool about these tools is that you can edit the request before sending so you can check how the servers are responding ...

+3
source

After I enter the website, it stores some kind of cookie in my browser, and every time I go to another page on this website, it checks the cookie on my identity?

Yes. Cookies are sent with every HTTP request.

What happens if I log in and then delete the cookie before going to another page on the site?

Just as if you switched the browser.

+2
source

Each time you navigate a new page, your browser sends a request to the server, and the server sends you a response. Your request contains cookies that the server can analyze and use. If you delete the cookie, your browser will not be able to send it with the following request.

+1
source

What happens if I log in and then delete the cookie before going to another page on the site?

You will no longer be logged in.

After I enter the website, it stores some kind of cookie in my browser, and every time I go to another page on this website, it checks the cookie on my identity?

Yes. Most likely you are dealing with a session cookie. These cookies do not store any information themselves, but use a long line to identify themselves on the server. I would suggest doing some research on cookies. Regarding (I guess) the alleged question "Why do cookies work on different pages?" because cookies are domain bound and not an exact URI.

Cookies contain names, values ​​and excerpts (along with several others). The most common sessions are those that use an identifier to download session state from a server containing your information. These are the safest cookies, since everything is centralized and not subject to theft. Another type is a regular cookie, which has a limited size and stores information on the client side. Anything related to purchases or something that tracks users is most likely using sessions, while something like a custom javascript-y page is probably using a regular cookie. The former monitors the information server side for additional security, while the latter does not pose a security risk and leaves information for client management.

0
source

Source: https://habr.com/ru/post/1305987/

More articles:


All Articles