Cookie
Small pieces of data that websites store in the user's browser to maintain information between requests.
What is a Cookie?
In one sentence: a cookie is a small piece of data that a site stores in your browser to recognize you!
Imagine you go to a café. The first time you order, the waiter gives you a card. On later visits you show the card, and the waiter knows who you are and brings your order. A cookie works the same way: the site gives your browser a card, and on later requests your browser shows the card so the site knows who you are.
Types of Cookies:
Session Cookie: Only stays while the browser is open. Close the browser and it gets deleted.
Persistent Cookie: Has an expiry date. Stays until that date.
Secure Cookie: Only sent over HTTPS.
HttpOnly Cookie: JavaScript can't read it (protection against XSS).
SameSite Cookie: Determines when the cookie gets sent (protection against CSRF).
Why is it important for security?
Because cookies hold session IDs, authentication tokens, and sensitive data. If a hacker steals a cookie (through XSS or MitM), they can get into your account!
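The cookie types above map to attributes on the Set-Cookie response header. The following added example (not part of the original page) parses Set-Cookie values, classifies each cookie as session or persistent, and reports which protective attributes are missing. The header values and function names are constructed for illustration.

```python
# Added example: audit Set-Cookie headers for the attributes listed above.
# The header values in SAMPLE_HEADERS are constructed for illustration.

SAMPLE_HEADERS = [
    "sessionid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
    "remember_me=xyz789; Max-Age=2592000; Path=/",
    "auth_token=tok456; Expires=Wed, 01 Jan 2030 00:00:00 GMT; Secure; SameSite=None",
]


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attributes)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()  # attribute names are case-insensitive
    return name.strip(), value.strip(), attrs


def audit_cookie(header):
    """Return the cookie name, its lifetime type, and a list of findings."""
    name, _, attrs = parse_set_cookie(header)
    # No Expires or Max-Age means the browser drops it when the session ends.
    kind = "persistent" if ("expires" in attrs or "max-age" in attrs) else "session"
    findings = []
    if "secure" not in attrs:
        findings.append("missing Secure: may be sent over plain HTTP (MitM)")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: readable by JavaScript (XSS)")
    samesite = attrs.get("samesite", "").lower()
    if samesite not in ("strict", "lax", "none"):
        findings.append("missing SameSite: cross-site sending left to browser default (CSRF)")
    elif samesite == "none" and "secure" not in attrs:
        findings.append("SameSite=None without Secure: rejected by modern browsers")
    return {"name": name, "type": kind, "findings": findings}


if __name__ == "__main__":
    for h in SAMPLE_HEADERS:
        result = audit_cookie(h)
        print(result["name"], result["type"], result["findings"] or "ok")
```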