HTTP cookie is a former featured article. Please see the links under Article milestones below for its original nomination page (for older articles, check the nomination archive) and why it was removed.
This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
This article is within the scope of WikiProject Spoken Wikipedia, a collaborative effort to improve the coverage of articles that are spoken on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
This article is substantially duplicated by a piece in an external publication. Please do not flag this article as a copyright violation of the following source:
Surhone, L. M., Timpledon, M. T., & Marseken, S. F. (2010), Online advertising: World Wide Web, interactive advertising, HTTP cookie, Betascript Publishing
What file extension do cookies normally have? 87.112.48.16 (talk) 11:40, 16 January 2014 (UTC)
They don't have a standard file extension as they are not typically stored individually as files on disk. Rather, each browser has its own proprietary store format for cookies. Alistair1978 (talk) 14:23, 16 January 2014 (UTC)
The article says: " If not specified, they default to the domain and path of the object that was requested." Other sources say the default value for the path is "/". The sentence is also inconsistent with the example in the paragraph above. Can someone confirm or disconfirm? —Preceding unsigned comment added by Weinzierl (talk • contribs) 02:01, 25 January 2009 (UTC)
I've clarified this with a source: the RFC is very explicit on this, and the current text was correct. However, this is the default when not sending a path attribute at all - which I have never seen in a cookie in the real world. — ErikRomijn (talk) 10:12, 4 March 2014 (UTC)
The statement "Web browsers normally delete session cookies when the user closes the browser" -Which is echoed across numerous software manual pages- may no longer be accurate.
Since 2006, some browsers have acquired a mode in which any pages open at browser shutdown are automatically reopenend at the next launch of the browser. In some implementations the session cookie from the previous instance of the page may also be cached and restored. This appears to happen even if a no-cache HTTP header has been sent. With some recent browser versions adopting this automatic page-restore mode as the default, the webmaster can no longer make any assumptions about the lifetime of session cookies.
The security implications are quite far-reaching, since any oversight by the user in logging off from a website -or any systems failure which prevents manual logoff- can leave the session open to misuse by an interloper after browser shutdown, or even after a computer reboot. The user does not have to OK the saving of any password for this situation to arise. --Anteaus (talk) 21:51, 3 August 2014 (UTC)
If there are programs for managing cookies, a section discussing them would be a valuable addition to this article. For example, has anyone created a program which would divide a browser's cookie list into 2 parts: 1) Protected Cookies & 2) Unprotected Cookies? Protected cookies would be cookies that the user designates to be protected, like a short list of sites for which the user wants the cookies to remain. Then the rest could be set to delete every time the browser is closed or by clicking on a menu item in the main browser menu, like "DELETE ALL UNPROTECTED COOKIES." I find it a great waste of time to have to sort through a ton of cookies & delete the undesired cookies, while keeping the few I want. Moreover, in Safari (for example) one gets a menu window with only about 6 cookies showing at a time & the confounded window spontaneously jumps around, so while you are highlighting cookies to delete, suddenly it jumps away from where you were in the list. If anyone has made a program to control such annoyances, the program should be added to this article. (EnochBethany (talk) 15:20, 24 March 2015 (UTC))
The first implementation of HTTP cookies in a browser is attributed to 0.9beta of Mosaic Netscape. Yet none of the provides sources confirm that. An internet search also yields no actual reliable sources. Mostly it's probably reciting of this Wikipedia Article. Can anyone confirm or find a source where it's stated that that specific version had the first HTTP cookie implementation? 81.11.200.192 (talk) 11:24, 21 May 2015 (UTC)
