Cookies
What are ‘cookies’ used for?
The Internet and cookies are two concepts that have been associated with browsing the web for years, and we have all come across the typical message when entering a web page that we visit: “your privacy is important to us”, “accept or configure cookies”.
But what exactly are they and what uses do these ‘web cookies’ that we see so often have?
Introduction
Many times, as users, we use multiple applications and websites (such as social networks, forums, blogs, news portals, etc.) and we are not aware of everything that happens behind.
Many times, as developers, we use multiple frameworks (such as Laravel, Django, Ruby on Rails, etc.) and in the same way we don’t know very well what happens at a lower level.
Then:
Although frameworks encapsulate specific details and allow us to save time in our development, we must not overlook such details and we must try to be well informed.
Although users (who are not programmers) do not need to know these topics at a technical level, it is important that they know the concepts because they surely use the Internet frequently.
Overview
Every time we visit a page, a server is in charge of responding to our request. Each request we make and the response we receive are completely independent in nature.
However, the use of Cookies makes possible the existence of a state between the different requests that we are making.
That is, HTTP requests are stateless (stateless), but if they rely on the use of Cookies they can have one (state full) and thereby modify what visitors see, based on their saved cookies.
Definition and function of cookies
Cookies are small temporary files with data, stored on the user’s device when visiting a web page. Until the GDPR came into force, web pages could store cookies on the user's computer without their prior consent. Instead, it is now necessary to have your express and unequivocal consent. For this reason, now when you visit a website for the first time a message appears asking you to accept its cookies.
Its main function is to identify users through a web page server, remembering important information such as who you are and what you have done previously on that website. A very useful feature is being able to remember user logins and credentials, so it can help you avoid having to enter your credentials on a page you use often. They also serve to remember the behavior of a user on a web page, such as an online store from which you leave without completing the purchase and, when you return, you do not need to add what you already had in the shopping cart.
Cookies are files that allow us to save data about our preferences.
Initially, when they were first created, they only kept very specific information. For example, in which language we want to see a certain web page (assuming that it is available in several languages).
So that the page can remember our preferred language, it stores a Cookie on our computer (this is handled by the web browser, for example Chrome, Firefox or Safari).
In this way, when we visit a page, it can read the Cookies that we have registered. Cookies can save any data that the server considers important to remember. For example, the last date we visited a page, the products we have loaded into a shopping cart, the links we clicked, etc.
If a page requests the creation of a Cookie, then the Cookie is registered associated with said page, and cannot be consulted by a different page.
 |
| cookies |
Although at first they kept very specific information, over time, the data stored in Cookies grew in order to provide a better user experience (based on each user’s own choices or based on an analysis of their behavior In Internet).
Because Cookies have a size limit, when there is a lot of information associated with each user, what is done is to save the information on the server, and save in a Cookie only an identifier (which allows the server to know whose it is about).
It is important to note that when you visit a website, it may contain fragments from other sites. For example, many sites present advertisements (served from a different server). In this case, both the page we visit and the server that serves the ads can create Cookies.
Many times the same ad platform is the one that is in charge of providing ads to a large number of pages. In these cases, it is possible that the platform has developed a strategy to capture information from all the pages that show their ads, in order to show us ads based on the pages that we frequent the most.
Are Cookies bad? Not quite. It all depends on the creators of the page: the information they store in Cookies and the use that is given to this information.
Cookie types
By origin:
Own: they are generated directly from the website and improve the user’s browsing experience in the future within those pages.
Third parties: originate from external servers, such as some social media platforms that track user’s online activity and advertise specific products and services.
By temporality:
Temporary: the files disappear as soon as the user stops browsing the web page and are only designed to keep the information when visiting different pages of the site or when updating them.
Permanent: Files remain on the visitor’s computer and will be available again as soon as the website is visited again.
By function:
Analysis: to know the performance of a website by collecting information on user behavior on it.
Of preferences: they manage to save the personalization of a user when visiting a site: location from where it is entered, language…
Marketing: they help create profiles by analyzing visitor behavior, such as browsing other pages or searches performed.
Techniques: they cannot be deleted from browsers because they optimize the operation of a website and manage the traffic they receive.
Cookies Anatomy
As we mentioned before, Cookies are text files that are stored in the client (desktop computer, tablet, smartphone) with the intention of remembering the preferences of a visitor on a certain page.
Without Cookies (and without any other data persistence mechanism), the requests would all be the same, and each visit would always be considered as the first visit that a user makes when entering a page.
In the use of Cookies we can identify 3 steps:
1. The server sends a set of data in the form of Cookies to the web browser. The browser saves this information locally (on the device that was used, and where the browser is installed).
2. The next time a request is made to the server, the browser will also send the information stored in Cookies to the server, and the server will use this information (to identify which user it is, or to simply apply immediate changes to the response that is about to realize).
3. Cookies are generally registered through an “HTTP header” returned by the server (although with JavaScript you can also set Cookies without the presence of a server)
Finally, from this Blog Technological we consider that, for security, it is important that, if you have a web page, you are aware of the obligation to Inform users who enter for the first time about the use of cookies. You must include an acceptance box in which users manually confirm that they authorize you to place cookies on their equipment. Also, if you enter a website that does not accept cookies, do not trust that it is a secure website.
