HTTP cookie: Difference between revisions

A '''cookie''', also known as a '''HTTP cookie''', '''web cookie''', or '''browser cookie''', is used for an origin website to send state information to a user's browser and for the browser to return the state information to the origin site.<ref>{{cite web | url = http://tools.ietf.org/html/rfc6265#section-3 | work=IETF | title= HTTP State Management Mechanism - Overview |date=2011-04}}</ref>. The state information can be used for [[authentication]], identification of a user [[http session|session]], user's preferences, [[Shopping cart software|shopping cart]] contents, or anything else that can be accomplished through storing text data.

As text, cookies are not [[executable]]. Because they are not executed, they cannot replicate themselves and are not [[Computer virus|viruses]]. However, they can be used by [[spyware]] to track user's browsing activities - a major privacy concern that prompted stricter laws.<ref name=eulaw>{{cite news | url = http://www.bbc.co.uk/news/technology-12668552 | work= BBC | title=New net rules set to make cookies crumble | date=2011-03-08}}</ref>. Cookies could also be stolen by [[Hacker_(computer_security)|hackers]] to gain access to a victim's web account.<ref>{{cite web|url= http://news.cnet.com/8301-10789_3-9918582-57.html |first=Robert |last=Vamosi | title=Gmail cookie stolen via Google Spreadsheets |date=2008-04-14}}</ref>.