The Gateway to Computer Science Excellence
+9 votes

Which of the following statements is NOT correct about HTTP cookies?

  1. A cookie is a piece of code that has the potential to compromise the security of an Internet user
  2. A cookie gains entry to the user's  work area through an HTTP header
  3. A cookie has an expiry date and time
  4. Cookies can be used to track the browsing pattern of a user at a particular site
in Web Technologies by | 2.5k views

5 Answers

+8 votes
Best answer

Answer is A. 

See this :

Moreover, cookies are just strings not code. Refer Tanenbaum .

selected by
I too after writing the answer gave it a second thought. Sorry.
dude,no need to be sorry  :P chill

Correct/ Cookies are data and not code.

0 votes
Answer Is A


A cookie is a piece of code that has the potential to compromise the security of an Internet user

Its Not A Piece Of Code
0 votes
An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing. Cookies are not piece of code, they are just strings typically in the form of key value pairs.
0 votes

Cookie is a file (at most 4KB) or a string. It is criticised because it can arguably violate privacy — not compromise the security of the user (We have to be technical here).

Cookie is just data. Not an executable program, hence it can't compromise security.

Option A is incorrect (Answer)

Cookies are passed via HTTP headers, in both the cases (when client contacts server, and when server contacts the client)

Option B is correct.

Cookies may contain up to 5 fields that have information about

  1. Domain
  2. Path
  3. Content
  4. Expiry
  5. If the browser would return the cookie to only a secure server.

Option C is correct.

The primary functionality of cookies is to track the user's browsing pattern, so as to customize their viewing experience. Option D is correct.

Additional information

The data of the cookies is only meant for the server. It is never revealed to the browser/user.

Cookie is something that the server creates, and only the server eats. (Line taken from Forouzan)


Tannenbaum, page 481.

edited by
–1 vote
It is B.

For reference you can have a look at the HTTP header here.
reshown by
The answer is A :)

Related questions

Quick search syntax
tags tag:apple
author user:martin
title title:apple
content content:apple
exclude -tag:apple
force match +apple
views views:100
score score:10
answers answers:2
is accepted isaccepted:true
is closed isclosed:true
52,345 questions
60,513 answers
95,356 users