Monday,
November 4, 2002
|
|
Feature |
|
Net’s black box
Deepak Kaushik
HAVE
you ever wondered when you login and enter a Website, how does the
server remember name and other information? Actually, server keeps track
of each and every user visiting the site. How is this possible when
thousands of visitors are visiting the site simultaneously and how safe
is it?
Since HTTP is a
stateless protocol, it cannot be used to retain the state of the user
and identify a user over multiple Web pages. Session, which uses
cookies, was introduced to fix this problem. As soon as a visitor enters
the site, the server creates a session for that, particular visitor, and
this session lasts as long as the visitor is on site. So at a time there
are as many sessions as the number of visitors on the site. The server
keeps all these sessions in a separate memory area so that no other user
can access information about others.
Cookies are temporary
memory area or files on the client’s computer that holds the
information regarding the user. These files can be permanent sometimes.
The server can store information regarding the stages of the user by
creating different cookie variables on the client computer. Others
cannot use this information because cookies are stored on the client’s
computer and not on server. This can be easily retrieved for further use
anytime. When the user quits, the session ends and all this temporary
information is erased from the client’s computer. Cookies can also be
used to store information regarding visitors’ habit and favourites,
which can be used to customise the site according to the user
preferences each time she visits the site. This way the cookies help in
making the site more dynamic and customised. It’s a wonderful tool.
There are two other methods like query string and hidden forms to do the
same thing but each has its own limitations.
Some consider cookies
an invasion of their privacy. Even worse, if this information falls into
wrong hands, the individual could become the target of multiple
bulk-mail advertising campaigns. Not all browsers, however, support
cookies.
Recent versions of both
Internet explorer and Netscape navigator have additional options that
allow greater
control over cookies. You can either configure browser to warn before
accepting a cookie or disable them entirely. One simple way to disable
cookies on a browser is by making the cookies files read-only.
At the end, we can say
cookies are the easiest way for keeping track of a user over multiple
pages. But they should be used carefully.
|