What does cookie mean?

[Edit this paragraph] The specific meaning of ]cookie

Cookies always mean eating snacks with milk. However, in the Internet, the word "cookie" has a completely different meaning. So what is a cookie? A "Cookie" is a small amount of information sent by a web server to be stored in a web browser so that the unique visitor can read the information from the browser the next time he returns to the web server. This is useful for the browser to remember the specific information of this visitor, such as the location of the last visit, the time spent or the user's preferences (such as style sheets). Cookie are text files stored in the browser directory and stored in RAM when the browser is running. Once you log off from this website or network server, Cookie can also be stored on your computer's hard disk. I3I.net's intention is to terminate all cookie in I3I.net when the visitor finishes the browser conversation.

What are the uses of Cookie?

One of the purposes of Cookie is to store the password and ID of users on a specific website. In addition, it is used to store the preferences of the start page. On websites that provide personalized viewing, your web browser needs to use a small amount of computer hard disk space to store these preferences. In this way, every time you log on to the website, your browser will check whether you have any predefined preferences (cookie) for this unique server. If so, the browser will send this cookie to the server together with your request for the web page. Microsoft and Netscape use cookie to create personal start pages on their websites. Common uses of cookie by companies include online ordering system, website personalization and website tracking.

Personalization of websites is one of the most beneficial uses of cookie. For example, when someone comes to CNN website, but doesn't want to see any business news. The website allows him to choose this item as an option. From then on (or until the cookie expires), he will not read business news when he visits CNN.

How do these cookies work?

The command line in the HTML code of the document tells the browser to set a cookie with a certain name or value. The following are common examples of scripts used to set cookie.

set-Cookie:name = VALUE；

Expires = date;

Path = path;

Domain = domain name;

So what about security? HTTP Cookie cannot be used to retrieve personal data from your hard disk; place viruses; obtain your email address or steal sensitive information about your identity; However, HTTP Cookie can be used to track your location on a specific website. It's hard to track websites without cookie.

As for other things related to the internet, it's as anonymous as you wish. No website knows who you are unless you reveal yourself to the website. At the same time, cookie is only a statistical means of website tracking, so as to better understand the usage pattern and improve the efficiency of website visitors.

Cookie are needed if the website designer's goal is to make the webpage more interactive with visitors, or if the designer plans to let visitors customize the appearance of the website. In addition, if you want your website to change its appearance in some cases, cookie provide a quick and simple way for your HTML pages to make changes as needed. Cookie used by the latest servers contribute to the interactivity of the database, thus improving the overall interactivity of the website.

Cookie means cookie in English, and we can always see this word in the browser. How can food have anything to do with browsers? When you browse the websites you have visited before, there may be: Hello XX, it feels very kind, just like eating a small dessert. This is actually achieved by accessing a file in your host, so this file is also called a Cookie. Want to know everything about cookies? Look down!

1. Know who Cookie are for: beginners.

A Cookie is a small text file stored on your machine when you browse a website. It records your user ID, password, the web pages you visited, the time you stayed, and other information. When you come to the website again, the website can read Cookie and get your relevant information, so you can take corresponding actions, such as displaying a welcome slogan on the page, or allowing you to log in directly without entering your ID and password. You can select "Settings/View Files" in the "General" tab of ie's "Tools/Internet Options" to view all Cookie saved in your computer. These files are usually named in the format of user@domain, where user is your local user name and domain is the domain name of the website you visit. If you use a NetsCape browser, it is stored in "C: \ program files \ NETSCAPE \ users". Unlike IE, Netscape uses a Cookie file to record cookies of all websites.

In order to ensure the security of the Internet, we need to set Cookie appropriately. Open the Privacy tab in Tools/Internet Options (note that this setting only exists in IE6.0, and other versions of IE can be adjusted by clicking the Custom Level button in the Security tab in Tools/Internet Options). Usually, you can adjust the slider to the "medium high" or "high" position. Most forum sites need to use Cookie information. If you never go to these places, you can set the security level to "block all Cookies". If you only want to block Cookie from individual websites, you can click the Edit button to add the websites to be blocked to the list. In the Advanced button option, you can set first-party cookies and third-party cookies. The first-party Cookie is the Cookie of the website you are browsing, and the third-party Cookie is not the Cookie sent to you by the website you are browsing. Usually, you should choose "Reject" for third-party Cookie, as shown in figure 1. If you need to save Cookie, you can use ie's "Import and Export" function to open "File/Import and Export" and follow the prompts.

Most of the contents in Cookie are encrypted, so in our opinion, they are just meaningless alphanumeric combinations, and only the CGI processor of the server knows their true meaning. You can see more content through some software, and the Cookie information viewed by using Cookie Pal software is shown in Figure 2. It provides us with the contents, expiration, name, value and other options of the server. Among them, Server is the website that stores cookies, Expires records the time and lifetime of cookies, and the Name and value fields are specific data.

Secondly, the Cookie delivery process is suitable for intermediate readers.

When you type the URL of a website in the address bar of the browser, the browser will send a request to read the webpage to the website and display the result on the display. At this time, the webpage looks for the Cookie file set by Amazon website on your computer. If it is found, the browser will send the data in the Cookie file to the Amazon server together with the URL previously entered. When the server receives the Cookie data, it will retrieve your ID, your shopping records, personal preferences and other information from his database, and record the new content and add it to the database and Cookie file. If no Cookie is detected or your Cookie information does not match the information in the database, it means that you are visiting the website for the first time, and the CGI program of the server will create new ID information for you and save it in the database.

Cookies are transmitted by using HTTP header information in web page code. Every web page request of the browser can be accompanied by Cookie transmission, such as the browser opening or refreshing the web page. The server adds cookies to the HTTP header information of the webpage, and the webpage data is sent back to your browser, and the browser will choose whether to save these data according to the cookie settings in your computer. If the browser does not allow Cookie to be saved, the data will disappear after the browser is closed. Cookie are stored on the computer for different times, which is determined by the different settings of the server. Cookies have an expiration attribute, which determines the storage time of cookies. The server can change the storage time of cookies by setting the value of the expiration field. If you do not set this property, cookies are only valid during browsing the web. When you close the browser, these cookies will disappear automatically, as most websites do. Usually, cookies contain several fields, such as server, expiration, name and value, among which only the name and value fields are useful to the server, and the content of the expiration field only tells the browser how to handle these cookies.

Third, the programming of Cookie is suitable for advanced readers.

Most web programming languages support Cookie. Such as javascript, VBScript, Delphi, ASP, SQL, PHP, C# and so on. In these object-oriented programming languages, the programming and utilization of Cookies are basically similar. The general process is as follows: first, create a cookie object, and then use the control function to allocate, read and write cookies. So how do you get sensitive information from other users' Cookie through code? Here is a brief introduction.

This method has two main steps. Firstly, locate the websites that need to collect Cookie, analyze them and construct the URL. Then compile the PHP code for collecting Cookie and put it on the website you can control. When an unsuspecting person clicks on the URL you built, the PHP code can be executed. Let's take a look at the specific implementation process.

1. Analyze and build URL.

First, open the website where we want to collect Cookie. Suppose we log in to the website, enter the user name ""(without quotation marks), and analyze the data to get the form "/txl/login/login ... x = 28&; Ok.y=6 ",replace" "with" "and try again; If the execution is successful, start to construct the URL: "/txl/login/log; ... swd =&ok. = 28&OK. y=6. Where \ ";

? & gt

Fourth, the security of Cookie applies to all readers who want to surf the Internet safely.

1.Cookie spoofing

Cookie record the user's account ID, password and other information. If it is transmitted online, it is usually encrypted by MD5 method. Even if the encrypted information is intercepted by some people with ulterior motives on the network, it can't be understood, because all he sees are meaningless letters and numbers. However, the problem now is that people who intercept cookies don't need to know the meaning of these strings. They only need to submit other people's cookies to the server and pass the verification, so they can pretend to be victims and log on to the website. This method is called Cookie cheating. The prerequisite of Cookie cheating is that there is a loophole in the server's verification program, and the imitator should obtain the Cookie information of the imitator. At present, it is difficult to exclude all illegal logins in the verification procedure of the website. For example, there may be vulnerabilities in the language used to write the validator. Moreover, it is very easy to get other people's cookies, which can be achieved by writing a short code in a language that supports cookies (see 3 for specific methods). As long as this code is put on the network, everyone's cookies can be collected. If a forum allows HTML codes or Flash tags, you can use these technologies to collect Cookie codes and put them in the forum, then choose an attractive topic for the post and write interesting content, so you can quickly collect a large number of cookies. On the forum, many people's passwords were stolen in this way. As for how to prevent it, there is no specific medicine at present. We can only use the usual protection methods, don't use important passwords in forums, don't use IE's function of automatically saving passwords, and try not to log on to websites that don't know the details.

2.2 code hidden trouble. glitter

There is a getURL () function in Flash, which can be used by Flash to automatically open the specified web page. Therefore, it may lead you to a website that contains malicious code. For example, when you enjoy the exquisite Flash animation on your computer, the code in the animation frame may have been quietly connected to the Internet, opening a very small page containing special code. This page can collect your Cookie and do other things, such as planting Trojan horses on your machine and even formatting your hard disk. For this behavior of Flash, the website cannot ban it, because it is the internal behavior of Flash files. What we can do is to open the firewall as much as possible when browsing locally. If you don't know the package sent by the firewall, you'd better ban it. If you enjoy it online, you'd better find some famous big websites.