Which of the following refers to a small text file passed to a Web browser on a users computer by a Web server?

This content has been archived, and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable.

Cookies are messages that web servers pass to your web browser when you visit Internet sites. Your browser stores each message in a small file, called cookie.txt. When you request another page from the server, your browser sends the cookie back to the server. These files typically contain information about your visit to the web page, as well as any information you've volunteered, such as your name and interests.

The term "cookie" is an allusion to a Unix program called Fortune Cookie that produces a different message, or fortune, each time it runs.

Examples of cookies

Cookies are most commonly used to track website activity. When you visit some sites, the server gives you a cookie that acts as your identification card. Upon each return visit to that site, your browser passes that cookie back to the server. In this way, a web server can gather information about which web pages are used the most, and which pages are gathering the most repeat hits.

Cookies are also used for online shopping. Online stores often use cookies that record any personal information you enter, as well as any items in your electronic shopping cart, so that you don't need to re-enter this information each time you visit the site.

Servers can use cookies to provide personalized web pages. When you select preferences at a site that uses this option, the server places the information in a cookie. When you return, the server uses the information in the cookie to create a customized page for you.

Security concerns

Only the website that creates a cookie can read it, so other servers do not have access to your information. Additionally, web servers can use only information that you provide or choices that you make while visiting the website as content in cookies.

Webmasters have always been able to track access to their sites, but cookies make it easier to do so. In some cases, cookies come not from the site you're visiting, but from advertising companies that manage the banner ads for a set of sites (such as DoubleClick.com). These advertising companies can develop detailed profiles of the people who select ads across their customers' sites.

Accepting a cookie does not give a server access to your computer or any of your personal information (except for any information that you may have purposely given, as with online shopping). Also, it is not possible to execute code from a cookie, and not possible to use a cookie to deliver a virus.

Viewing and controlling cookies

For privacy reasons, you may wish to view the cookies currently stored in your browser or control which sites you accept cookies from. You may also decide how long they may be stored and used. Most modern browsers offer the ability to control cookie settings; consult your browser's help files, and see:

More

See:

  • Electronic Privacy Information Center
  • Cookie Central

Which of the following refers to a small text file passed to a Web browser on a users computer by a Web server?

HTTP cookies are essential to the modern Internet but a vulnerability to your privacy. As a necessary part of web browsing, HTTP cookies help web developers give you more personal, convenient website visits. Cookies let websites remember you, your website logins, shopping carts and more. But they can also be a treasure trove of private info for criminals to spy on.

Guarding your privacy online can be overwhelming. Fortunately, even a basic understanding of cookies can help you keep unwanted eyes off your internet activity.

While most cookies are perfectly safe, some can be used to track you without your consent. Worse, legitimate cookies can sometimes be spied upon if a criminal gets access.

In this article, we will guide you through how cookies work and how you can stay safe online. We’ll answer key questions like:

  • What are cookies?
  • What are cookies on a computer?
  • What are cookies on a website?
  • Can cookies contain viruses?
  • How can I remove cookies?
Which of the following refers to a small text file passed to a Web browser on a users computer by a Web server?

What Are Cookies?

Cookies are text files with small pieces of data — like a username and password — that are used to identify your computer as you use a computer network. Specific cookies known as HTTP cookies are used to identify specific users and improve your web browsing experience.

Data stored in a cookie is created by the server upon your connection. This data is labeled with an ID unique to you and your computer.

When the cookie is exchanged between your computer and the network server, the server reads the ID and knows what information to specifically serve to you.

Different types of cookies - Magic Cookies and HTTP Cookies

  • Magic Cookies
  • HTTP Cookies

Cookies generally function the same but have been applied to different use cases:

"Magic cookies" are an old computing term that refers to packets of information that are sent and received without changes. Commonly, this would be used for a login to computer database systems, such as a business internal network. This concept predates the modern “cookie” we use today.

HTTP cookies are a repurposed version of the “magic cookie” built for internet browsing. Web browser programmer Lou Montulli used the “magic cookie” as inspiration in 1994. He recreated this concept for browsers when he helped an online shopping store fix their overloaded servers.

The HTTP cookie is what we currently use to manage our online experiences. It is also what some malicious people can use to spy on your online activity and steal your personal info.

To explain, you’ll want to understand exactly what are internet cookies and why do they matter?

What are HTTP Cookies?

HTTP cookies, or internet cookies, are built specifically for Internet web browsers to track, personalize, and save information about each user’s session. A “session” just refers to the time you spend on a site.

Cookies are created to identify you when you visit a new website. The web server — which stores the website’s data — sends a short stream of identifying info to your web browser.

Browser cookies are identified and read by “name-value” pairs. These tell cookies where to be sent and what data to recall.

The server only sends the cookie when it wants the web browser to save it. If you’re wondering “where are cookies stored,” it’s simple: your web browser will store it locally to remember the “name-value pair” that identifies you.

If a user returns to that site in the future, the web browser returns that data to the web server in the form of a cookie. This is when your browser will send it back to the server to recall data from your previous sessions.

To put it simply, cookies are a bit like getting a ticket for a coat check:

  • You hand over your “coat” to the cloak desk. In this case, a pocket of data is linked to you on the website server when you connect. This data can be your personal account, your shopping cart, or even just what pages you’ve visited.
  • You get a “ticket” to identify you as the “coat” owner. The cookie for the website is given to you and stored in your web browser. It has a unique ID especially for you.
  • If you leave and return, you can get the “coat” with your “ticket”. Your browser gives the website your cookie. It reads the unique ID in the cookie to assemble your activity data and recall your visit just as you left it.

What Are Cookies Used For?

Websites use HTTP cookies to streamline your web experiences. Without cookies, you’d have to login again after you leave a site or rebuild your shopping cart if you accidentally close the page. Making cookies an important a part of the internet experience.

Based on this, you’ll want to understand why they’re worth keeping — and when they’re not.

Here’s how cookie are intended to be used:

  1. Session management. For example, cookies let websites recognize users and recall their individual login information and preferences, such as sports news versus politics.
  2. Personalization. Customized advertising is the main way cookies are used to personalize your sessions. You may view certain items or parts of a site, and cookies use this data to help build targeted ads that you might enjoy.
  3. Tracking. Shopping sites use cookies to track items users previously viewed, allowing the sites to suggest other goods they might like and keep items in shopping carts while they continue shopping.

While this is mostly for your benefit, web developers get a lot out of this set-up as well.

Cookies are stored on your device locally to free up storage space on a website’s servers. In turn, websites can personalize while saving money on server maintenance and storage costs.

What are the different types of HTTP Cookies?

With a few variations, cookies in the cyber world come in two types: session and persistent.

Session cookies are used only while navigating a website. They are stored in random access memory and are never written to the hard drive.

When the session ends, session cookies are automatically deleted. They also help the "back" button or third-party anonymizer plugins work. These plugins are designed for specific browsers to work and help maintain user privacy.

Persistent cookies remain on a computer indefinitely, although many include an expiration date and are automatically removed when that date is reached.

Persistent cookies are used for two primary purposes:

  1. Authentication. These cookies track whether a user is logged in and under what name. They also streamline login information, so users don't have to remember site passwords.
  2. Tracking. These cookies track multiple visits to the same site over time. Some online merchants, for example, use cookies to track visits from particular users, including the pages and products viewed. The information they gain allows them to suggest other items that might interest visitors. Gradually, a profile is built based on a user's browsing history on that site.

Why Cookies Can Be Dangerous

Since the data in cookies doesn't change, cookies themselves aren't harmful.

They can't infect computers with viruses or other malware. However, some cyberattacks can hijack cookies and enable access to your browsing sessions.

The danger lies in their ability to track individuals' browsing histories. To explain, let’s discuss what cookies to watch out for.

First-Party vs. Third-Party Cookies

Some cookies may pack more of a threat than others depending on where they come from.

First-party cookies are directly created by the website you are using. These are generally safer, as long as you are browsing reputable websites or ones that have not been compromised.

Third-party cookies are more troubling. They are generated by websites that are different from the web pages users are currently surfing, usually because they're linked to ads on that page.

Visiting a site with 10 ads may generate 10 cookies, even if users never click on those ads.

Third-party cookies let advertisers or analytics companies track an individual's browsing history across the web on any sites that contain their ads.

Consequently, the advertiser could determine that a user first searched for running apparel at a specific outdoor store before checking a particular sporting goods site and then a certain online sportswear boutique.

Zombie cookies are from a third-party and permanently installed on users' computers, even when they opt not to install cookies. They also reappear after they've been deleted. When zombie cookies first appeared, they were created from data stored in the Adobe Flash storage bin. They are sometimes called “flash cookies” and are extremely difficult to remove.

Like other third-party cookies, zombie cookies can be used by web analytics companies to track unique individuals' browsing histories. Websites may also use zombies to ban specific users.

Allowing or Removing Cookies

Cookies can be an optional part of your internet experience. If you so choose, you can limit what cookies end up on your computer or mobile device.

If you allow cookies, it will streamline your surfing. For some users, no cookies security risk is more important than a convenient internet experience.

Here’s how to allow cookies:

  • Find the cookie section — typically under Settings > Privacy.
  • Click the boxes to allow cookies. Sometimes the option says, "Allow local data.”
  • If you don’t want cookies, you can simply uncheck these boxes.

Removing cookies can help you mitigate your risks of privacy breaches. It can also reset your browser tracking and personalization. To help, Kaspersky offers step-by-step instructions for removing cookies from the most popular web browsers.

Removing normal cookies is easy, but it could make certain web sites harder to navigate. Without cookies internet, users may have to re-enter their data for each visit. Different browsers store cookies in different places, but usually, you can:

  • Find the Settings, Privacy section — sometimes listed under Tools, Internet Options, or Advanced.
  • Follow the prompts on the available options to manage or remove cookies.

To remove tracking cookie infestations and more malicious types, you’ll want to enlist the help of some internet security software.

Before removing cookies, evaluate the ease of use expected from a website that uses cookies. In most cases, cookies improve the web experience, but they should be handled carefully.

In the future, you can anonymize your web use by using a virtual private network (VPN). These services tunnel your web connection to a remote server that poses as you. Cookies will be labeled for that remote server in another country, instead of your local computer.

Regardless of how you handle cookies, it’s best to remain on guard and clean up your cookies often.

Kaspersky Internet Security received two AV-TEST awards for the best performance & protection for an internet security product in 2021. In all tests Kaspersky Internet Security showed outstanding performance and protection against cyberthreats.

Related articles: